DEV Community

Cover image for Next.js Quick Guide to Server Actions (App Router)
Alvison Hunter Arnuero | Front-End Web Developer
Alvison Hunter Arnuero | Front-End Web Developer

Posted on

Next.js Quick Guide to Server Actions (App Router)

#nextjs #serverless #actions #typescript

Ever heard of NextJS Server Actions? It’s one of those buzzwords floating around modern web development—but what does it really mean? If you’re curious (or just a bit lost), let me share my quick take on it:

Wait… What the Heck Are Server Actions in NextJS?
This is a perfectly valid first question. Let’s take a moment to address it.

A Server Action is simply an async function marked with the 'use server' directive. This directive tells Next.js to treat the function as a secure, server-only endpoint.

Think of Server Actions like this:
Instead of sending a letter (API request) to another building (API route), you’re now talking directly to the person in the next room (the server).

Before Server Actions, a simple form required:

  • A form
  • A fetch call
  • An /api route
  • JSON parsing
  • Error handling
  • Extra boilerplate

With Server Actions, you:

  • Write one server function
  • Call it directly from your form
  • Let Next.js handle the wiring

This makes your app:

  • Simpler
  • More secure
  • Easier to reason about
  • More accessible

Eliminating API Route Middleman with Server Actions

Next.js 15 fully embraces React Server Actions, transforming how full-stack developers manage data mutations. Instead of creating and maintaining separate API routes (/api/*) for simple form submissions, you can now run secure, server-side logic directly from your components, reducing boilerplate, simplifying architecture, and making full-stack development feel more seamless than ever.

Next.js 15 takes a huge leap forward by fully embracing React Server Actions, changing the way Full-Stack Developers handle data mutations.

But what does that actually mean?

Instead of creating separate API Routes (like /api/*) just to handle simple form submissions or small server-side tasks, you can now execute secure server-side logic directly from your component code. Yes—your components can talk to the server without needing extra API endpoints for internal operations.

A few important points to keep in mind:

  • Server Actions replace API routes only for internal app logic—things your app needs internally but doesn’t expose publicly.

  • You still need API routes when you want to expose data publicly or allow third-party clients to interact with your backend.

This change simplifies development, reduces boilerplate, and keeps your server logic tightly connected to your components—making Full-Stack coding more intuitive than ever.

How to Define and Use a Server Action

As mentioned earlier in this article, a Server Action is simply an async function that includes the 'use server' directive. This directive signals to Next.js that the function must run exclusively on the server, allowing it to act as a secure, server-only endpoint.

As a result, the code is never exposed to the browser, making it ideal for handling sensitive logic such as database operations, authentication, or form submissions.

1. Define the Action (Server Code)

Where should this live within the app’s folder structure?

For a clean, centralized, maintainable, and scalable setup, it’s best to place it in a dedicated Server Actions directory. This keeps your server-only logic separate from client components, your codebase clean, modular, and easy to maintain and makes your project easier to navigate. For example:

src/
 ├─ actions/
 │   └─ post.ts        // Server Action (server-only)
 └─ components/
     └─ NewPostForm.tsx // Client Component
Enter fullscreen mode Exit fullscreen mode

  • actions/ – contains server-only functions, like API calls or database interactions.

  • components/ – contains client-side React components, such as forms or UI elements.

This separation clearly distinguishes between server logic and client code, which improves readability, scalability, and maintainability.

"use server";

import { revalidatePath } from "next/cache";
// import { z } from "zod"; // Optional but recommended
// import { db } from "@/lib/db";

export async function createNewPost(
  prevState: { success: boolean; message: string },
  formData: FormData
) {
  try {
    const title = formData.get("title") as string;
    const content = formData.get("content") as string;

    if (!title || !content) {
      return { success: false, message: "All fields are required." };
    }

    // Secure database operation (server-only)
    await db.posts.create({
      data: { title, content },
    });

    // Refresh cached pages that depend on this data
    revalidatePath("/blog");

    return { success: true, message: "Post created successfully!" };
  } catch (error) {
    return {
      success: false,
      message: "Something went wrong. Please try again.",
    };
  }
}
Enter fullscreen mode Exit fullscreen mode

Why This Method Is Effective and Secure

  • Executes exclusively on the server, never in the browser
  • Database credentials remain fully protected and are never exposed
  • Eliminates the need for custom API routes, reducing complexity
  • Includes robust, built-in error handling for safer execution
  • Automatically revalidates and updates the cache, keeping data in sync

This approach results in cleaner architecture, improved security, and better performance with minimal overhead.

Client Component: Triggering Server Actions from the UI

components/NewPostForm.tsx

"use client";

import { useActionState } from "react";
import { createNewPost } from "@/actions/post";

const initialState = {
  success: false,
  message: "",
};

export default function NewPostForm() {
  const [state, formAction] = useActionState(createNewPost, initialState);

  return (
    <form action={formAction} className="space-y-4 max-w-md">
      <input
        type="text"
        name="title"
        required
        placeholder="Post Title"
        className="w-full border p-2 rounded"
      />

      <textarea
        name="content"
        required
        placeholder="Post Content"
        className="w-full border p-2 rounded"
      />

      <button
        type="submit"
        className="bg-blue-500 text-white px-4 py-2 rounded"
      >
        Create Post
      </button>

      {state.message && (
        <p
          className={`text-sm ${
            state.success ? "text-green-600" : "text-red-600"
          }`}
        >
          {state.message}
        </p>
      )}
    </form>
  );
}
Enter fullscreen mode Exit fullscreen mode

Why this method works well?

  • “Client Component” → clearly signals use client
  • “Triggering Server Actions” → aligns with modern Next.js App Router concepts
  • “from the UI” → beginner-friendly and descriptive
  • Keeps the heading clean, semantic, and SEO-friendly

Why useActionState Is a Big Deal with Server Actions?

Imagine filling out and submitting a form on a website.

  • Without Server Actions → Everything depends on JavaScript. If JavaScript fails to load, errors out, or is blocked, the form simply doesn’t work.
  • With Server Actions → The browser can submit the form directly to the server, even if JavaScript is slow or completely unavailable.

This approach is called progressive enhancement — you start with a solid, reliable experience, then layer on JavaScript for extra interactivity instead of making it a requirement.

Why This Matters

  • Better accessibility Works naturally with screen readers and assistive technologies.
  • More inclusive Performs well on slow networks, older devices, or low-end hardware.
  • More resilient apps Fewer JavaScript dependencies means fewer points of failure.
  • Less client-side JavaScript Smaller bundles, faster load times, and improved performance overall.

In short, useActionState helps you build apps that work first, then get better — instead of breaking when JavaScript isn’t perfect.

What You Learned

By leveraging useActionState, the form gets progressive enhancement by default, meaning it works even if JavaScript is disabled—a key win for accessibility and reliability in modern Web Development.

The Server Action pattern is central to the full-stack architecture espoused by most modern developers nowadays.

  • Server Actions let you run server code directly from forms
  • You no longer need /api routes for simple mutations
  • Your database logic stays secure
  • Next.js handles caching, validation flow, and form submission
  • Your app becomes simpler and more reliable

When to Use Server Actions

  • Form submissions
  • Database writes
  • Internal mutations

When NOT to Use Them

  • Public APIs
  • Third-party integrations
  • External clients (mobile apps, etc.)

About the Author

Alvison Hunter is a Full-Stack Software Engineer with strong specialization in frontend engineering and modern JavaScript ecosystems. He builds fast, scalable, and SEO-optimized web applications using React, Next.js, Vue, Node.js, and cloud-native architectures.

With a deep focus on clean UI design, performance, and maintainable code, Alvison helps businesses and creators turn ideas into reliable digital products.

👉 Explore custom React, NextJS & Vue web development, frontend architecture, and full-stack solutions at https://www.codecrafterslabs.com

Find Alvison Hunter online:

❤️ Enjoyed the article? Your feedback fuels more content.
💬 Share your thoughts in a comment.
🔖 No time to read now? Well, Bookmark for later.
🔗 If it helped, pass it on, dude!

Top comments (0)