Check it out: How permissions are answered in SpiceDB and Authzed

This summary provides an overview of the importance of authentication and authorization, and how they are related. It explains that authentication is concerned with identity, while authorization is about permission. The text then delves into the concept of permissions, defining them as checks within a permissions system, where the question "Does subject have permission on resource?" is asked. The summary also discusses how relationships between objects in a permissions system determine whether a user can perform a certain action, and how these relationships are expressed through roles or attributes. The text then provides an example of how this works using SpiceDB, an open-source implementation of Zanzibar, to demonstrate how it answers Check questions efficiently while providing tooling to handle complexity.