https://authzed.com logo
#spicedb
Title
# spicedb
n

niodice

09/13/2022, 5:28 PM
Part of the problem is that our backend services don't know the token -- it's a secret that we don't pass around, instead we rely on authoratative headers that gives us (1) user ID, (2) app ID, (3) user permissions. I think I really want to ask a question, Does user X calling from app Y with permissions set Z have access to Entity A