)-- AuthZed, the authorization infrastructure company, today announced official support for Retrieval-Augmented Generation (RAG) and Agentic AI systems. AuthZed gives engineering teams the tools to ensure that AI systems respect permissions, prevent data leaks, and maintain complete audit trails.

As more organizations develop AI products or implement Agents, they are facing new challenges around authorization. Language models and agents interact with proprietary data, act on behalf of users, and retrieve information across tenants. Traditional authorization is not equipped to handle this complexity. In fact, the OWASP Top 10 for LLM Applications (2025) identifies inadequate authorization controls as a top risk and recommends robust authorization controls as a primary mitigation.

AuthZed addresses this by using its open-source permissions system, SpiceDB, to support RAG and Agentic AI. Based on Google’s internal permission system, Zanzibar, SpiceDB was built for scale and complexity. SpiceDB can scale to trillions of access control lists and millions of authorization checks per second, so supporting AI is a natural evolution for SpiceDB.

“Customers have naturally come to AuthZed to help make their AI projects a reality,” said Jake Moshenko, CEO of AuthZed. “As SpiceDB is based on Google Zanzibar, it is really the best-suited authorization solution to provide the scale and flexibility that AI needs. Our official support of RAG and Agentic AI gives our existing and future AI customers the confidence that they have a partner to bring their AI to market securely.”

“AI systems are only as trustworthy as the infrastructure that governs them," said Janakiram MSV, industry analyst of Janakiram & Associates. "AuthZed’s SpiceDB brings proven, cloud-native authorization principles to AI, delivering the control enterprises need to adopt AI safely and at scale.”

Enforcing Permissions in RAG Pipelines
AI systems that use RAG are more effective when they pull from proprietary knowledge bases, but every data source introduces new access rules. AuthZed helps ensure only the right data is retrieved, embedded, and surfaced to users.
With AuthZed, users can:

-Pre-filter documents before embedding, based on user permissions
-Post-filter vector search results to exclude unauthorized content
-Synchronize permissions in real time from systems like Google Workspace or SharePoint

These strategies allow teams to build RAG systems that prevent data leaks without sacrificing performance.

AuthZed’s Agentic AI Authorization Model
Agents introduce flexibility and autonomy, but they also pose new risks if not properly governed. AuthZed’s Agentic AI Authorization Model helps define and enforce what agents can do, based on the permissions of the users they represent.

AuthZed provides:
-Functionality Control: Define and restrict which tools or APIs an agent can access
-Permissions Management: Inherit user-level permissions to scope agent behavior
-Autonomy Oversight: Require approvals for sensitive actions and maintain complete audit logs

By applying authorization throughout the agent’s lifecycle, teams can prevent overreach and ensure AI operates within acceptable boundaries.

To explore how to implement authorization with AI, visit the AuthZed AI Solutions Page: https://authzed.com/ai-authorization

About AuthZed
AuthZed is on a mission to fix access control by providing authorization infrastructure. AuthZed provides one authorization system for your entire application ecosystem, eliminating authorization silos and simplifying your architecture with a centralized permissions platform. Trusted by developer and platform teams at Workday, National Bank of Canada, Turo, Neo Financial and more. To learn more, visit https://authzed.com/ or follow us on LinkedIn.