You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
docs: add underscore prefix convention for private identifiers
Document the ability to use underscore prefixes for definitions,
relations, and permissions to signal that they are private/internal.
This is a naming convention that helps developers distinguish between
public API and internal implementation details in their schemas.
Related: authzed/spicedb#2733
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Copy file name to clipboardExpand all lines: pages/spicedb/concepts/schema.mdx
+35Lines changed: 35 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -437,6 +437,41 @@ Examples:
437
437
to a _computed_ set of subjects.
438
438
</Callout>
439
439
440
+
### Private/Internal Identifiers
441
+
442
+
SpiceDB supports using an underscore (`_`) prefix for identifiers to establish a convention for marking definitions, relations, or permissions as "private" or "internal". This is a naming convention only—it does not enforce any access restrictions.
443
+
444
+
This convention is useful for:
445
+
446
+
-**Synthetic permissions**: Permissions that exist only to compose other permissions
447
+
-**Internal relations**: Relations not meant to be directly referenced by application code
448
+
-**Implementation details**: Parts of your schema that may change without affecting the public API
449
+
450
+
```zed
451
+
definition document {
452
+
relation viewer: user
453
+
relation _internal_viewer: user // private: internal use only
0 commit comments