# spicedb


05/11/2022, 1:40 AM
Hi there guys. I'm trying to study and understand better how large-scale applications handle authorization and authentication. I started with things like Keycloak which was giving me pretty much everything authentication&authorization out of the box. I found out about SpiceDB and Zanzibar and really liked it and I'm feeling like now I need to understand a little better how they handle things but one thing still doesn't enter my head. I'm reading A LOT but I can't figure out this: if SpiceDB can help me with authorization, what about the authentication portion? How do those companies handle that? For example, I found out about OIDC but it's a layer on top of OAuth 2.0 which is for authorization so where does SpiceDB enter here? Keycloak gives me not only authentication but also user storage and stuff, do you guys know other alternatives for that? Like authentication & storage only so I can use it along with SpiceDB? Authentication and authorization give me goosebumps, sooo complex haha. Thank you guys.