diff --git a/blog/urls.py b/blog/urls.py
index 50fcb37..f00fcc6 100644
--- a/blog/urls.py
+++ b/blog/urls.py
@@ -1,9 +1,10 @@
 # blog/urls.py
 from django.urls import path
-from .views import PostListView, PostListCreateView
+from .views import PostListView, PostListCreateView, PostDetailView
 urlpatterns = [
     path('posts/', PostListView.as_view(), name='post-list'),
     path('create/', PostListCreateView.as_view(), name='post-list-create'),
+    path('posts//', PostDetailView.as_view(), name='post-detail'),
 ]
diff --git a/blog/views.py b/blog/views.py
index e2d9d3e..213630f 100644
--- a/blog/views.py
+++ b/blog/views.py
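Review bot: As rendered, the new route reads `path('posts//', PostDetailView.as_view(), name='post-detail')`, a pattern that captures no URL parameter, yet PostDetailView is a RetrieveUpdateDestroyAPIView that resolves its object from a `pk` URL kwarg. If the `int:pk` path converter between the two slashes was stripped by the page rendering this is only a display artifact; if the line really is `posts//`, every detail request would fail at object lookup and the route should carry the converter. Worth confirming against the committed file rather than this listing.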
@@ -1,25 +1,48 @@
 # blog/views.py
 from rest_framework import generics, permissions
+from rest_framework.exceptions import PermissionDenied
 from .models import Post
 from .serializers import PostSerializer
-from .utils import verify_token_with_auth_server # ✅ 추가
-
+from .utils import verify_token_with_auth_server
 class PostListView(generics.ListAPIView):
     queryset = Post.objects.all().order_by('-created_at')
     serializer_class = PostSerializer
-    # permission_classes = [permissions.IsAuthenticated]
     permission_classes = [permissions.AllowAny]
-
+
 class PostListCreateView(generics.ListCreateAPIView):
     queryset = Post.objects.all().order_by('-created_at')
     serializer_class = PostSerializer
     permission_classes = [permissions.IsAuthenticated]
     def perform_create(self, serializer):
-        # ✅ 토큰 추출 및 유효성 2차 검증
+        token = self.request.headers.get("Authorization", "").replace("Bearer ", "")
+        verify_token_with_auth_server(token)
+        serializer.save(author_name=self.request.user.username)
+
+# ✅ 조회, 수정, 삭제 전부 처리
+class PostDetailView(generics.RetrieveUpdateDestroyAPIView):
+    queryset = Post.objects.all()
+    serializer_class = PostSerializer
+
+    def get_permissions(self):
+        if self.request.method in ["PUT", "PATCH", "DELETE"]:
+            return [permissions.IsAuthenticated()]
+        return [permissions.AllowAny()]
+
+    def perform_update(self, serializer):
         token = self.request.headers.get("Authorization", "").replace("Bearer ", "")
         verify_token_with_auth_server(token)
-        serializer.save(author_name=self.request.user.username)
+        if serializer.instance.author_name != self.request.user.username:
+            raise PermissionDenied("작성자만 수정할 수 있습니다.")
+        serializer.save()
+
+    def perform_destroy(self, instance):
+        token = self.request.headers.get("Authorization", "").replace("Bearer ", "")
+        verify_token_with_auth_server(token)
+
+        if instance.author_name != self.request.user.username:
+            raise PermissionDenied("작성자만 삭제할 수 있습니다.")
+        instance.delete()
diff --git a/version b/version
new file mode 100644
index 0000000..6812f81
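Review bot: The bearer-token extraction is copied verbatim into perform_create, perform_update and perform_destroy, and `.replace("Bearer ", "")` strips that prefix from anywhere in the header value while a missing header silently hands an empty string to verify_token_with_auth_server; a small module-level helper that takes only a leading "Bearer" scheme keeps the three call sites identical, and whether an empty token must be rejected locally depends on verify_token_with_auth_server, which is not in the hunk. The ownership check in perform_update compares author_name and then calls `serializer.save()` with no author_name argument, so if PostSerializer (not shown) treats author_name as writable, the owner could reassign the post to another username in the same request; `serializer.save(author_name=serializer.instance.author_name)` or a read-only field pins it. Matching on the username string also ties authorization to an identifier the auth server controls; if usernames can change or be reused there, an owner foreign key would be the safer basis, which I cannot confirm from this hunk.

```python
def _bearer_token(request):
    """Return the token from an "Authorization: Bearer TOKEN" header, or "" when absent."""
    scheme, _, token = request.headers.get("Authorization", "").partition(" ")
    return token if scheme == "Bearer" else ""

# … unchanged: PostListView, PostListCreateView (perform_create calls verify_token_with_auth_server(_bearer_token(self.request))) …

    def perform_update(self, serializer):
        verify_token_with_auth_server(_bearer_token(self.request))
        if serializer.instance.author_name != self.request.user.username:
            raise PermissionDenied("작성자만 수정할 수 있습니다.")
        # keep the stored owner; a writable author_name field must not be reassigned on update
        serializer.save(author_name=serializer.instance.author_name)

    # … unchanged: perform_destroy, using the same _bearer_token(self.request) call …
```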
--- /dev/null
+++ b/version
@@ -0,0 +1 @@
+0.0.3
\ No newline at end of file