Hello, in SpiceDB the only data we have about resources are relations and identifiers. Say I want to retrieve a list of documents for a user and show it in the UI. The only way I see is first to query SpriceDB to get a list of resource identifiers and then query another system to get the details in order to, say, show the title of each document in a list on the screen. Would there be another way of doing which would be more effective in term of performance?

Hi 👋 - For the former question, we wrote about this in https://authzed.com/docs/spicedb/modeling/protecting-a-list-endpoint - for the latter question, you'll have to use a combination of 2 API calls - You'll first use reflection to list the permissions of the resource type: https://buf.build/authzed/api/docs/main:authzed.api.v1#authzed.api.v1.ExperimentalService.ExperimentalReflectSchema - Then you'd use

CheckBulk

to send a batched request with a permission check for each one of the permissions. https://buf.build/authzed/api/docs/main:authzed.api.v1#authzed.api.v1.CheckBulkPermissionsRequest

Thanks for your answer. Materialize sounds like the best solution. I was thinking about how permissions could somehow stream into another store and, good news, you are working on it. Unfortunately it's not yet available.

Materialize is available as Early Access on Authzed Dedicated.