https://authzed.com logo
Title
j

Jonathan Hope

12/15/2022, 3:53 PM
I'm willing to admit that while I understand most of the Zanzibary stuff, the Zookies/ZedTokens are still a little fuzzy to me. Given the following flow: 1. Get the requested resource from a database. 2. Check if it has a ZedToken in the database. 1. If it does then make an auth call with at_least_as_fresh and the ZedToken. 2. If it does not then make an auth call with fully_consistent. 3. If there was no ZedToken then store the ZedToken in the database alongside the resource. I have the following questions: 1. Does that work? 2. Is there ever a case where that ZedToken needs to be invalidated? Or does the at_least_as_fresh mean that it doesn't. 3. Is there any reason I couldn't store the ZedTokens in a fast key value store?