Skip to main content

build an app with duck iam

A hands-on course that takes you from zero to a production-ready authorization system. Build a real blog platform step by step, using every feature along the way.

What You Will Build

BlogDuck, a multi-tenant blog platform with full authorization. Start with a single permission check and finish with typed configs, scoped roles, ABAC policies, database storage, server middleware, and client-side permission rendering.

Loading diagram...

Who Is This For

  • New to duck-iam and want a structured path
  • Evaluating duck-iam for your team
  • Learn best by building something real

Prerequisites

  • TypeScript basics (types, interfaces, async/await)
  • Node.js v18+ or Bun
  • A code editor

Setup

Each chapter builds on the previous one and ends with a checkpoint (complete code so far) and FAQ.

Create a new project directory and initialize it:

mkdir blogduck && cd blogduck
npm init -y
npm install @gentleduck/iam typescript tsx
npx tsc --init
mkdir src
mkdir blogduck && cd blogduck
npm init -y
npm install @gentleduck/iam typescript tsx
npx tsc --init
mkdir src

Start with Chapter 1: Your First Permission Check.

Course Map

ChapterTopicWhat You Learn
1Your First Permission CheckRoles, Engine, MemoryAdapter, engine.can()
2Role HierarchiesInheritance, multiple roles, wildcards, validation
3Policies, Rules, and ConditionsABAC, combining algorithms, condition operators, $ variables
4The Engine In DepthHooks, caching, batch permissions, explain, Admin API
5Multi-Tenant ScopingScoped roles, tenant isolation, hierarchical resources
6Server IntegrationExpress, NestJS, Next.js, Hono middleware, permissions endpoint
7Client LibrariesReact, Vue, vanilla JS, permission-based UI rendering
8Production ReadinessType-safe config, validation, database adapters, testing, monitoring