hectoday
DocsCoursesChangelog GitHub
DocsCoursesChangelog GitHub

Access Required

Enter your access code to view courses.

Invalid code

← All courses

Authorization with @hectoday/http

Build a complete authorization system from simple roles to multi-tenant permissions. RBAC, fine-grained permissions, organization scoping, invites, API keys, and policy functions — all with plain functions on Hectoday HTTP.

Intermediate ~7 hours

Beyond Authentication

  1. Authentication vs. Authorization
  2. Project Setup

Role-Based Access Control (RBAC)

  1. Roles and What They Mean
  2. Checking Roles in Route Handlers
  3. Role Hierarchy

Permission-Based Access Control

  1. From Roles to Permissions
  2. Checking Permissions
  3. Custom Permissions

Organization Scoping

  1. Multi-Tenancy
  2. Switching Organizations
  3. Inviting Members

API Keys and Scoping

  1. API Keys
  2. Scoped API Keys

Putting It All Together

  1. Policy Functions
  2. Audit Logging
  3. Authorization Checklist
  4. Capstone: Multi-Tenant Notes API

© 2026 hectoday. All rights reserved.