Permissions as a Service
We’re thrilled to announce our latest investment in founders we have known for many years through our Work-Bench community as we lead Authzed’s $3.9M seed round, with participation from Amplify Partners, Y Combinator, and notable angel investors including Spencer Kimball (Cockroach Labs), Alex Polvi (CoreOS), Jeff Yoshimura (Snyk), and Gokul Rajaram (DoorDash).
Authzed is building a platform to store, compute, and validate application permissions at scale.
Now more than ever, development speed and application scale are critical for companies of all sizes. Authzed unlocks both capabilities through its API that is designed to help developers quickly add permissions to an application.
Our history with Authzed’s founders dates back to November 2013 when Jake Moshenko and Joey Schorr met with us in the early days of containers and pitched a “GitHub for Docker files.” They had previously worked at Amazon and Google.
The duo foresaw a huge need in the evolving container ecosystem for a container registry, and their company Quay was acquired by CoreOS. After the acquisition, Jake and Joey moved into our Work-Bench office in 2014 to build out the CoreOS NYC team, which is where they met Jimmy Zelinskie, Authzed’s third cofounder. Through our investment in CoreOS we had the opportunity to work alongside the trio for several years, and CoreOS ultimately sold to Red Hat for $250M.
When Jake, Joey, and Jimmy were thinking about what to build next, they recalled the challenges with permissions systems they faced when building Quay and CoreOS. As they spent more time thinking about the problem and talking with other developers, they came to an important conclusion:
With an increasingly complex landscape of SaaS, cloud infrastructure, open source, and enterprise permissions systems, the burden of both building an application, and authorizing access to it has become a tedious chore that is often overwhelming to developers and administrators.
Dealing with identity involves two challenges: authentication (authN) and authorization (authZ). AuthN is the process of verifying who you’re dealing with, and Auth0 is the latest in a string of several large exits in the category. AuthZ is about establishing your privilege and whether you should have access to something, and still remains a fairly unsolved challenge.
Developers massively underestimate the time and effort required to implement even basic permissions for SaaS or enterprise applications. Existing authorization solutions have issues with scaling, complexity, and verifiability.
As we’ve heard from engineers in our community, an unfortunate byproduct of most permission systems put together with spaghetti code and bandaids is that you often have to shelve product features to focus on safely altering policy and migrating data.
In continuing with a past Work-Bench investment theme in GIFEE (Google Infrastructure For Everyone Else) that’s served us well in prior deals, the Authzed team was inspired by Google’s Zanzibar: a consistent, global authorization system.
Authzed intends to be able to provide fast permissions checks, at any scale, anywhere on the planet. Benefits will include:
- Correctness: Ensures consistency of access control decisions to respect user intentions
- Flexibility: Supports a rich set of access control policies as required by both consumer and enterprise applications
- Low latency: Responds quickly because authorization checks are often in the critical path of user interactions
- High availability: Reliably respond to requests
- Large scale: Protect billions of objects shared by billions of users
Try It Out!
The Authzed Playground is a space they provide for prospects to safely create, edit, validate and share their namespace configurations, all without any software installation”
They’re hiring for engineers, so reach out if you’d like to join them.