Does anyone have any experience with using spicedb...
# generaly
yandu
02/20/2023, 4:21 PMDoes anyone have any experience with using spicedb for fine-grained access control?
yandu
02/20/2023, 4:41 PMOr what are folks using to support fine grained access?
g
Gwen Shapira
02/20/2023, 4:47 PMalso curious what others are doing...
we are currently on Postgres's RLS, its sweet and simple, but I heard it may not be the best thing long term?
y
yandu
02/21/2023, 1:59 AMDo you use that for app level things like who can call what APIs? Do you have one user per tenant then?
l
Lalit Pagaria
02/21/2023, 6:11 AMIn my previous org we implemented it via Spring and JWT (similar to this https://medium.com/geekculture/role-based-access-control-rbac-with-spring-boot-and-jwt-bc20a8c51c15). Our service was gateway between all internal and external traffic and it was written in Spring Security from the scratch.
Lalit Pagaria
02/21/2023, 6:15 AMSpring we used to control individual API access via annotation and http filters.
BTW there is another OSS alternate of SpiceDB is permify