Skip to main content

The Authzed API

Authzed exposes gRPC APIs.

While any developer can generate their own clients from the public Authzed Protobuf Definitions, the Authzed team officially supports and maintains client libraries for Go and Python.

Official clients leverage their language's gRPC ecosystem to provide an abstraction for each version of the Authzed API.

If you are interested in additional language support, feel free to reach out.

Versioning & Deprecation Policy#

APIs are versioned by their Protobuf package and version compatibility is enforced by the Buf Breaking Rules. New Messages, Fields, Services, and RPCs can be added to existing APIs as long as existing calls continue to exhibit the same behavior.

When an API version is marked as deprecated, the duration of its continued support will be announced.

During this deprecation period, Authzed reserves the right to take various actions to users and clients using deprecated APIs:

  • Email users
  • Print warning messages from official clients
  • Purposely disrupt service near the end of the period

authzed.api.v1alpha1#

The v1 Authzed API is currently Work In Progress.

API Docs#

gRPC Documentation can be found on the Buf Registry.

Changes#

  • A new Schema language replaces Namespace Configs. Existing v0 NamespaceConfigs can be read from the SchemaRead() API.

  • Zookies have been renamed to Zed Tokens and their semantics changed. By default, all requests are read-after-write consistent. By providing a Zed Token, you are specifying that you only need data as fresh as the token, which will improve performance.

  • More to come!

authzed.api.v0#

v0 is the first iteration of the Authzed API. It strived to be as accurate to the description of the Zanzibar APIs as possible.

API Docs#

gRPC Documentation can be found in the v0 docs or the Buf Registry.

Caveats#

This API did not originally have a Protobuf package defined and is being migrated to have one. This means that on a future cut-off date, all clients will have to be updated in order to continue interacting with Authzed servers. No functionality has been changed, only the name that gRPC uses to identify the RPC has been modified.