This guide will walk you through the basics of implementing UCAN (User Controlled Authorization Network) in your applications.
UCAN is a capability-based authorization system that enables users to delegate permissions without requiring a centralized authority. It's built on cryptographic tokens and allows for decentralized, secure, and fine-grained access control.
UCANs represent capabilities - specific permissions that can be delegated to others. Each capability defines what actions can be performed on which resources.
Users can delegate their capabilities to others, creating a chain of authorization. Delegations can include constraints like time limits and reduced scope.
To use a capability, you create an invocation that references the UCAN token and specifies the exact action you want to perform.
Select a UCAN library for your programming language. We have official implementations for JavaScript, Rust, and Go.
Browse LibrariesStart by creating a root UCAN that grants yourself the capabilities you need for your application.
Delegate capabilities to other users and create invocations to exercise those capabilities.
See ExamplesExplore the full specification to understand all of UCAN's capabilities and implementation details.