Designing Secure Authorization Infrastructure Using FastAPI and SpiceDB on Railway
mahmud963
HOBBYOP

4 months ago

I am building an authorization system using FastAPI + SpiceDB.

SpiceDB is running on Railway, and I need to connect to it from my local FastAPI development environment.

I am looking for best practice architecture recommendations for exposing or accessing SpiceDB gRPC securely from outside Railway.

Any advice on production architecture is welcome.

$10 Bounty

1 Replies

Status changed to Awaiting Railway Response Railway 4 months ago


xmrafonso
FREE

4 months ago

Hey,

I'd recommend to not expose SpiceDB publicly at all. Keep it private inside Railway and let only your deployed FastAPI service talk to it over private networking. That's the best way to do it in prod.

If you REALLY need to access SpiceDB directly from outside railway, I'd make sure to use a secure tunnel at least. But I wouldn't recommend that.


Welcome!

Sign in to your Railway account to join the conversation.

Loading...