The 5-Minute Promise
Here's The Workflow. All Of It. This isn't an exaggeration. This is the entire setup process.
Clone the Repo
Get a clean, local copy of the codebase. No complex installers.
Add Your Keys
Open the .env.local.example file, rename it, and paste in your credentials.
Run the Dev Server
That's it. Your new app is running locally with a database, authentication, and payments ready to go.
Ready to build, not deconstruct?
Just the Good Stuff.
Zero Fluff.
Every choice was made to maximize your control and minimize complexity.
App Router, Server Components, and full TypeScript support for modern React development.
PostgreSQL database with built-in authentication, real-time subscriptions, and edge functions.
Utility-first CSS with beautiful, accessible components that you actually own.
Simple, developer-friendly payment processing with webhooks and subscription management.
Every tool has been proven in production by thousands of developers.
Built on web standards and maintained by companies you can trust.
Why These Choices?
Battle-Tested
Every tool has been proven in production by thousands of developers.
Future-Proof
Built on web standards and maintained by companies you can trust.
Developer Joy
Excellent documentation, great DX, and active communities.
Starter
PopularPerfect boilerplate to launch your SaaS quickly with essential features.
Pro
Best ValueComplete boilerplate with advanced features and premium support.
Frequently asked questions
Everything you need to know about using this Next.js SaaS boilerplate to build your application.
This boilerplate includes a complete SaaS foundation with Next.js 15, TypeScript, Supabase authentication, credit system, payment integration via DodoPayments, CSRF protection, rate limiting, SEO optimization, dynamic breadcrumbs, skeleton loading, and a responsive dashboard. Everything you need to launch your SaaS quickly.
The credit system provides comprehensive user credit management with real-time updates, payment integration, and secure server-side validation. Users can purchase credits through DodoPayments, and you can easily deduct credits for API calls or feature usage with automatic UI updates.
Yes! Security is built-in with CSRF protection for all forms, optional rate limiting via Upstash Redis, server-side validation, secure authentication through Supabase, and configurable security settings. All sensitive operations are protected and validated.
SEO is fully configurable through the centralized config/seo.ts file. You can customize titles, descriptions, keywords, social media cards, structured data, and more. The system uses Next.js 13+ Metadata API with automatic sitemap and robots.txt generation.
Absolutely! Features like rate limiting, CSRF protection, and credit system are modular. You can disable rate limiting by removing Upstash environment variables, skip CSRF protection for specific forms, or remove the credit system entirely if not needed.
Payments are handled through DodoPayments with seamless credit purchasing. The system includes pre-built payment pages, success handling, webhook integration, and automatic credit allocation. Users can buy credits that are immediately available in their account.
The skeleton loading system provides professional loading states for all pages. It includes three different skeleton layouts (PageSkeleton, SimplePageSkeleton, ListPageSkeleton) with smart page detection and context-based loading management for a smooth user experience.
CSRF protection is simple: wrap your page with CSRFProvider, add CSRFInput to your forms, and validate the token in your server actions. The system provides reusable components and clear documentation for easy implementation.
Yes! The entire application is built with responsive design using Tailwind CSS and shadcn/ui components. The dashboard adapts perfectly to all screen sizes with collapsible sidebars, mobile-optimized navigation, and touch-friendly interfaces.
Rate limiting is optional and easy to set up. Create a free Upstash Redis database, add the REST URL and token to your environment variables, and rate limiting will be automatically enabled. You can customize limits in the config/security.ts file.
The boilerplate uses Supabase as the database and authentication provider. Supabase offers PostgreSQL with real-time subscriptions, built-in authentication, row-level security, and a generous free tier. All database operations are type-safe with TypeScript.
Yes! The UI is built with shadcn/ui components and Tailwind CSS, making customization straightforward. All components are in the components/ui directory and can be easily modified. The design system is consistent and follows modern UI patterns.