SaaS Boilerplate vs Building from Scratch
TL;DR
Use a boilerplate if you're building a product, not a platform. For 90% of SaaS founders, a boilerplate delivers higher-quality infrastructure faster than building from scratch. The exceptions are real: highly specific technical requirements, existing platform teams, or products where infrastructure is a differentiator. The question isn't "boilerplate or scratch" — it's "which boilerplate, and what will you build on top."
The Honest Comparison
Before the comparison: "building from scratch" is a myth for most developers. You're assembling packages either way. The real question is whether you assemble a pre-assembled collection (boilerplate) or assemble the raw ingredients yourself.
Boilerplate approach:
├── ShipFast ($299)
│ ├── NextAuth (assembled for you)
│ ├── Stripe integration (assembled for you)
│ ├── Email setup (assembled for you)
│ └── Landing page (assembled for you)
└── Your product code on top
"Scratch" approach:
├── NextAuth (you assemble)
├── Stripe SDK (you assemble)
├── Resend SDK (you assemble)
├── Landing page (you build)
└── Your product code on top
The second approach takes 2-4 weeks of your time. That time has a cost.
When Boilerplates Win
1. Speed to First Revenue
For every week you spend on infrastructure instead of product:
- You get feedback later
- You burn runway faster
- Competitors gain ground
A boilerplate compresses auth + billing + email setup from 2-4 weeks to 2-4 days.
2. Handling Edge Cases You Don't Know Exist
Good boilerplates encode hard-won knowledge:
// ShipFast's Stripe webhook handling
// This looks simple. Building it correctly is not.
export async function POST(req: Request) {
const body = await req.text();
const sig = req.headers.get('stripe-signature');
// Verify signature BEFORE parsing JSON — important for security
let event: Stripe.Event;
try {
event = stripe.webhooks.constructEvent(body, sig!, webhookSecret);
} catch (err) {
// Don't expose error details in response — security
return NextResponse.json({ error: 'Invalid signature' }, { status: 400 });
}
// Handle events idempotently — webhooks can be delivered multiple times
const idempotencyKey = event.id;
const existing = await redis.get(`webhook:${idempotencyKey}`);
if (existing) return NextResponse.json({ received: true }); // Already processed
// Process and mark as done
await processStripeEvent(event);
await redis.set(`webhook:${idempotencyKey}`, 'processed', { ex: 86400 });
return NextResponse.json({ received: true });
}
First-time implementation often misses: signature verification, idempotency, proper error handling, failed webhook retries. Boilerplates get this right.
3. Maintained Dependencies
Boilerplates (good ones) update dependencies. When a security vulnerability hits NextAuth or Stripe, Makerkit users get a patch. Scratch builders must monitor and apply patches themselves.
When Building From Scratch Wins
1. You Have a Platform Team
If your company has 5+ engineers dedicated to infrastructure, building internal tooling makes sense. Auth, billing, and observability can be standardized across products.
2. Highly Non-Standard Requirements
Some requirements break boilerplate assumptions:
- Custom auth protocol (SAML federations, custom SSO)
- Non-standard billing (usage-based with complex calculations)
- Unusual deployment (air-gapped environments, sovereign cloud)
- Platform product (your product IS auth or billing for other companies)
3. Infrastructure Is Your Differentiation
If your competitive advantage includes infrastructure (e.g., you're a bank), buying off-the-shelf infrastructure undermines that differentiation.
4. You're an Experienced Team That Hates Other People's Abstractions
Some senior developers genuinely ship faster with their own abstractions. If a team has built 5+ SaaS products from scratch and has reusable patterns, their "scratch" is actually a private boilerplate.
The Real Cost Comparison
Boilerplate route:
| Item | Cost |
|---|---|
| ShipFast purchase | $299 |
| 3 days setup + customization (at $150/hr) | $3,600 |
| Total | ~$3,900 |
Scratch route:
| Item | Cost |
|---|---|
| Auth implementation (5 days) | $6,000 |
| Stripe integration (5 days) | $6,000 |
| Email setup (2 days) | $2,400 |
| Landing page (3 days) | $3,600 |
| Admin panel (5 days) | $6,000 |
| Bug fixes for edge cases (ongoing) | $3,000 |
| Total | ~$27,000 |
These numbers assume a $150/hr developer. Even at $50/hr, scratch costs 5x more.
The hidden cost not shown: Time-to-market. The scratch route takes 20 days. The boilerplate route takes 3 days. At a 6-month runway, those 17 days are 10% of your runway.
What to Customize, What to Keep
The boilerplate dilemma: you'll be tempted to rewrite things that "annoy" you. Resist:
| Keep as-is | Safe to customize | Worth rewriting |
|---|---|---|
| Auth flows | UI components | Almost nothing |
| Stripe webhook handling | Email templates | (Seriously, don't) |
| Session management | Copy and content | |
| Database schema (initial) | Color scheme |
Rewriting auth is how you introduce security bugs. Rewriting Stripe webhook handling is how you lose revenue. Keep the hard parts from the boilerplate and customize the surfaces.
The Honest Recommendation
Use a boilerplate for your first 2 SaaS products. By product 3, you'll have opinions about what you want to change — and the experience to change it safely. Build your own starter at that point.
The best developers I know who "build from scratch" aren't building from zero — they've accumulated a personal starter over years. That's not scratch; that's a private boilerplate.
Compare the top boilerplates to find the right starting point for your SaaS on StarterPick.
Check out this boilerplate
View ShipFast on StarterPick →