TL;DR
Stop building your own auth. In 2026, pick one of these three:
- Clerk — 30 lines of code, beautiful UI, 10,000 free MAU
- Supabase Auth — DB-native, RLS integration, 50,000 free MAU
- NextAuth v5 — OSS, full control, free forever
Why You Shouldn't Build Your Own Auth
Hashing passwords. Email verification. Password reset. Session management. OAuth. 2FA.
I tried to roll my own. Spent 3 days. Gave up. Switched to Supabase Auth. Done in 30 minutes.
Your time is the one resource you can't scale. Don't waste it on problems that are 100% solved.
1. Clerk — Fastest to Ship
// app/layout.tsx
import { ClerkProvider } from '@clerk/nextjs';
export default function RootLayout({ children }) {
return (
<ClerkProvider>
<html>{children}</html>
</ClerkProvider>
);
}
// app/sign-in/[[...sign-in]]/page.tsx
import { SignIn } from '@clerk/nextjs';
export default () => <SignIn />;
Ship in 10 minutes. Beautiful default UI. Organizations built-in for B2B SaaS.
Free tier: 10,000 MAU. Pro: $25/month.
2. Supabase Auth — Best for SaaS
import { createClient } from '@supabase/supabase-js';
export const supabase = createClient(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
);
// Sign up
await supabase.auth.signUp({ email, password });
// OAuth
await supabase.auth.signInWithOAuth({ provider: 'google' });
UI is your job (or use @supabase/auth-ui-react).
Killer feature: Row Level Security. Gate paid features with SQL policies:
CREATE POLICY "paid_users_only" ON premium_feature
FOR SELECT USING (
EXISTS (
SELECT 1 FROM subscriptions
WHERE user_id = auth.uid() AND status = 'active'
)
);
Free tier: 50,000 MAU. Pro: $25/month (includes DB).
3. NextAuth v5 — Full Control
import NextAuth from 'next-auth';
import Google from 'next-auth/providers/google';
export const { auth, handlers, signIn, signOut } = NextAuth({
providers: [Google],
session: { strategy: 'jwt' }
});
20+ providers. Your DB. Your rules.
Free tier: Infinite (OSS). You pay for the DB separately.
Decision Flowchart
Building a SaaS with subscriptions?
YES → Supabase Auth (RLS + Stripe = 🔥)
NO → Does UI polish matter more than control?
YES → Clerk
NO → NextAuth
Vendor Lock-in
| Service | Lock-in | Migration cost |
|---|---|---|
| Clerk | High | All users must re-register |
| Supabase Auth | Medium | Rewrite auth layer |
| NextAuth | Low | Swap providers freely |
For indie devs, high lock-in is fine early on. Shipping > optimizing.
Monetization Path
Auth is just the beginning. The real play:
User signs up (auth)
↓
Free tier (RLS gate open)
↓
Hits a limit / wants premium (Stripe Checkout)
↓
RLS gate opens for paid features
↓
💰
At ~100 signups → 10 paying users × $5/month = $50/month. Realistic starting point.
Full guide (Japanese)
For detailed pricing, code comparisons, and revenue simulation, see the full guide on masatoman.net (Japanese).
Top comments (0)