Most of our read queries against our API call a

lookup_resources

against SpiceDB as well, we just use

minimize_latency

, most of our sensitive data is requested separately and gets its own read permission check with

check_permission