Starlet #17 SpiceDB: Google Zanzibar-inspired Authorization System
LogoBlogAdd Access Token

Starlet #17 SpiceDB: Google Zanzibar-inspired Authorization System

Pablo Macias 2 min read

This is the seventeenth issue of The Starlet List. If you want to prompt your open source project on for free, please check out our announcement.

What is SpiceDB?

SpiceDB is the most scalable and consistent Google Zanzibar-inspired database for storing and computing permissions data—use it to build global-scale fine-grained authorization services.

What is SpiceDB used for?

SpiceDB is used by companies looking to implement a robust and scalable authorization system inspired by Google Zanzibar.

Google Zanzibar prevents “exposure of sensitive information to an unauthorized actor” while ensuring consistency and scalability of access control. Essentially, it aims to prevent broken access control, the number one security concern according OWASP’s 2021 report.

SpiceDB helps companies looking to break into the enterprise segment and/or adopt a product-led growth motion.

Key features of SpiceDB

  • Expressive APIs
  • Distributed Graph
  • Prevents New Enemies
  • Configuration Language
  • Pluggable Storage
  • Deep Observability

SpiceDB was created and is maintained by the team behind AuthZed, and it also has a network of contributors and community members.

Star History Chart

What is Google Zanzibar?

Google Zanzibar is a relationship-based access control system (ReBAC) capable of processing "more than 10 million client queries per second."

Google Zanzibar powers authorization for hundreds of Google Products, including Google Calendar, Cloud, Drive, Maps, Photos, and YouTube.

It unlocks unique experiences like cross-product authorization checks, e.g., Slack’s Gmail extension can check if a recipient can access a Google Doc, unlocking growth through reduced friction points while maintaining user privacy.

Find out more about SpiceDB

Relevant videos

Some demo applications

Find out more about Google Zanzibar