Technical Details of the Next.js Supabase SaaS Starter Kit

Tech stack overview: Next.js 16, React 19, Supabase, Tailwind CSS 4, Turborepo monorepo with TypeScript, Shadcn UI, and Zod.

The kit is built as a Turborepo monorepo using these core technologies:

TechnologyVersionPurpose
Next.js16App Router with Turbopack
React19UI framework
SupabaseLatestDatabase, Auth, Storage
Tailwind CSS4Styling
TypeScript5.9+Type safety
pnpm10.19+Package manager
Node.js20.10+Runtime (required)

Key Libraries

  • Shadcn UI (Radix-based) for accessible UI components
  • React Query (@tanstack/react-query) for client-side data fetching
  • Zod for schema validation
  • Lucide for icons
  • react.email for email templates
  • Nodemailer or Resend for sending emails

The kit deploys to Vercel, Cloudflare, or any Node.js hosting. Edge runtime support enables deployment to Cloudflare Workers.

Monorepo Structure

Core Packages

PackageImportPurpose
@kit/ui@kit/ui/*Shadcn UI components and custom components
@kit/supabase@kit/supabase/*Supabase clients, types, and queries
@kit/next@kit/next/*Server Actions, route handlers, middleware utilities
@kit/shared@kit/shared/*Shared utilities and helpers
@kit/i18n@kit/i18n/*Internationalization utilities

Feature Packages

Located in packages/features/:

PackagePurpose
@kit/authAuthentication flows (Supabase Auth)
@kit/accountsPersonal account management
@kit/team-accountsTeam/organization management
@kit/adminSuper admin dashboard
@kit/notificationsIn-app notifications

Billing Packages

Located in packages/billing/:

PackagePurpose
@kit/billingCore billing logic and types
@kit/billing-gatewayPayment provider abstraction
@kit/stripeStripe integration
@kit/lemon-squeezyLemon Squeezy integration

Infrastructure Packages

PackagePurpose
@kit/mailersEmail provider abstraction (Resend, Nodemailer, SendGrid)
@kit/email-templatesReact Email templates
@kit/monitoringError tracking (Sentry, Baselime)
@kit/analyticsUser behavior tracking
@kit/database-webhooksDatabase trigger handlers
@kit/cmsContent management abstraction
@kit/keystaticKeystatic CMS integration
@kit/wordpressWordPress headless CMS integration
@kit/policiesAuthorization policy helpers
@kit/otpOne-time password utilities

Application Configuration

Configuration files live in apps/web/config/:

FilePurpose
app.config.tsApp name, description, URLs
auth.config.tsAuth providers, redirect paths
billing.config.tsBilling provider, plans
feature-flags.config.tsFeature toggles
paths.config.tsRoute definitions
personal-account-navigation.config.tsxPersonal dashboard sidebar
team-account-navigation.config.tsxTeam dashboard sidebar

Key Patterns

Server Actions

Use enhanceAction from @kit/next/actions for type-safe, validated server actions:

import { enhanceAction } from '@kit/next/actions';
import { z } from 'zod';
const schema = z.object({ name: z.string().min(1) });
// Authenticated action (default: auth is required)
export const updateName = enhanceAction(async (data, user) => {
  // data is validated, user is authenticated
}, { schema });
// Public action (no auth required)
export const submitContact = enhanceAction(async (data) => {
  // data is validated, no user required
}, { schema, auth: false });

By default, auth: true requires authentication. Set auth: false for public actions like contact forms.

Route Handlers

Use enhanceRouteHandler from @kit/next/routes for API routes:

import { enhanceRouteHandler } from '@kit/next/routes';
export const POST = enhanceRouteHandler(async ({ body, user }) => {
  // body is parsed, user is available
  return NextResponse.json({ success: true });
}, { schema: yourSchema });

Supabase Clients

// Server Components and Server Actions
import { getSupabaseServerClient } from '@kit/supabase/server-client';
// Admin operations (bypasses RLS)
import { getSupabaseServerAdminClient } from '@kit/supabase/server-admin-client';

Deployment Targets

The kit supports multiple deployment targets:

  • Vercel: Zero-config deployment with environment variables
  • Cloudflare Pages/Workers: Edge runtime support
  • Docker: Self-hosted deployments
  • Any Node.js host: Standard Next.js deployment

For production deployment, see the going to production checklist.