Hello folks! How are you?
I'm searching for open-source authorization services and I read the SpiceDB
documentation and came across with this point: What happens if I don't use a ZedToken at all
The idea of having an authorization service is to decouple from my microservices this responsibility.
For me, it doesn't make sense I add a column in my business database to store a token related to the authorization service, in this case, related to a specific implementation.
If I don't use a zedtoken
, is there a way to say: "spicedb, rebuild the cache now, with these last changes"?
And when a "check permission" is performed without a zedtoken
, this more recent cache will be used.
> If you do not intend to store ZedTokens, it is recommended that all calls use Consistency of fully_consistent (which has a major performance hit, but is fully safe). Really, though, you should store ZedTokens.
Do we have numbers about it? What is the difference in the response time?