From the .wasp config above, Wasp generates: Complete auth UI (login, signup, email verification, password reset) JWT session handling with secure cookies Route protection middleware Type-safe RPC layer (similar to tRPC) Email verification + password reset flows OAuth integration (Google, GitHub) You don't write any of this — you just configure it. ---

Wasp Review 2026: Full-Stack with Built-In Auth

TL;DR

Wasp is a full-stack language built on React + Node.js that eliminates most backend boilerplate — and it works. You define your app in a .wasp config file, and Wasp generates auth, routing, API endpoints, database, email, and background jobs. The result is genuinely faster development: auth in 5 minutes, email in 5 minutes, background jobs in 10 minutes. The cost: you're learning a DSL, and debugging generated code takes getting used to. For indie hackers and small teams willing to bet on Wasp, it's legitimately productive.

Key Takeaways

Type: Open source full-stack framework (React + Node.js + Prisma)
Key DX: Declare features in .wasp, Wasp generates the boilerplate
Built-in: Auth (email, Google, GitHub), email sending, background jobs, RPC (tRPC-like)
Database: Prisma + PostgreSQL
Best for: indie hackers, solo developers, small teams wanting fast iteration
GitHub: 14K+ stars, actively maintained

How Wasp Works

// main.wasp — the central config file
app MySaaS {
  wasp: { version: "^0.14.0" },
  title: "My SaaS",
  
  auth: {
    userEntity: User,
    methods: {
      email: {
        fromField: { name: "My SaaS", email: "noreply@mysaas.com" },
        emailVerification: { clientRoute: EmailVerificationRoute },
        passwordReset: { clientRoute: PasswordResetRoute },
      },
      google: {},
      github: {},
    },
    onAuthFailedRedirectTo: "/login",
  },
  
  emailSender: {
    provider: SendGrid,
    defaultFrom: { name: "My SaaS", email: "noreply@mysaas.com" },
  },
}

// Define your data model:
entity User {=psl
  id          Int     @id @default(autoincrement())
  email       String  @unique
  createdAt   DateTime @default(now())
  subscription Subscription?
psl=}

// Define routes:
route DashboardRoute { path: "/dashboard", to: DashboardPage }
page DashboardPage {
  authRequired: true,
  component: import { DashboardPage } from "@client/pages/DashboardPage.tsx",
}

// Define server-side actions (mutations):
action createPost {
  fn: import { createPost } from "@server/actions/posts.js",
  entities: [Post, User]
}

// Define queries:
query getPosts {
  fn: import { getPosts } from "@server/queries/posts.js",
  entities: [Post]
}

What Wasp Generates

From the .wasp config above, Wasp generates:

Complete auth UI (login, signup, email verification, password reset)
JWT session handling with secure cookies
Route protection middleware
Type-safe RPC layer (similar to tRPC)
Email verification + password reset flows
OAuth integration (Google, GitHub)

You don't write any of this — you just configure it.

Wasp Actions and Queries (RPC)

// src/server/actions/posts.ts
import type { CreatePost } from 'wasp/server/operations';
import { HttpError } from 'wasp/server';

type CreatePostArgs = { title: string; content: string };

export const createPost: CreatePost<CreatePostArgs, Post> = async (args, context) => {
  if (!context.user) throw new HttpError(401);
  
  return context.entities.Post.create({
    data: {
      title: args.title,
      content: args.content,
      authorId: context.user.id,
    },
  });
};

// src/client/pages/DashboardPage.tsx — client-side usage
import { useQuery, useAction } from 'wasp/client/operations';
import { getPosts, createPost } from 'wasp/client/operations';

export function DashboardPage() {
  const { data: posts, isLoading } = useQuery(getPosts);  // Auto-typed!
  const createPostFn = useAction(createPost);
  
  return (
    <div>
      {posts?.map(post => <div key={post.id}>{post.title}</div>)}
      <button onClick={() => createPostFn({ title: 'New Post', content: '...' })}>
        Create Post
      </button>
    </div>
  );
}

Background Jobs

// Declare a job in main.wasp:
job weeklyReport {
  executor: PgBoss,
  perform: {
    fn: import { sendWeeklyReport } from "@server/jobs/weeklyReport.js",
  },
  schedule: {
    cron: "0 9 * * MON",  // Every Monday 9am
  },
  entities: [User],
}

// src/server/jobs/weeklyReport.ts
export const sendWeeklyReport = async (_args: unknown, context: JobContext) => {
  const users = await context.entities.User.findMany({
    where: { weeklyReportsEnabled: true },
  });
  
  for (const user of users) {
    await sendReportEmail(user);
  }
};

Wasp vs Next.js + T3

	Wasp	T3 Stack (create-t3-app)
Setup time	~5 minutes	~15 minutes
Auth included	✅	❌ (add NextAuth separately)
Email included	✅	❌
Background jobs	✅	❌
Learning curve	Medium (learn .wasp)	Medium (learn tRPC)
Framework lock-in	High (Wasp-specific)	Medium (T3 conventions)
Ecosystem	Small (Wasp-only)	Huge (Next.js ecosystem)
Deployment	Fly.io / Railway / VPS	Vercel (native)

Who Should Use Wasp

Use Wasp if:
  → Indie hacker or solo developer
  → Want to minimize boilerplate
  → Willing to learn Wasp's conventions
  → Self-hosting on VPS/Railway/Fly.io
  → OpenSaaS template appeals to you

Skip Wasp if:
  → Team requires standard Next.js/React
  → Need Vercel-native deployment
  → Enterprise environment with strict tech standards
  → Need the full Node.js ecosystem without constraints

Verdict: Wasp genuinely accelerates development for solo developers and small teams. The .wasp config is the learning curve — once past it, auth/email/jobs take minutes instead of hours. If you're an indie hacker building your first SaaS, Wasp + OpenSaaS is worth serious consideration.

Getting Started with Wasp

curl -sSL https://get.wasp-lang.dev/installer.sh | sh
wasp new my-saas
cd my-saas

# Or use OpenSaaS (the recommended production template):
wasp new -t saas my-saas
cd my-saas && cp .env.server.example .env.server

The Wasp CLI installs a language server alongside the framework. After cloning, configure your .env.server with database URL, Stripe keys, and email provider. The first wasp start compiles the config and starts both frontend (React, port 3000) and backend (Express, port 3001) together.

The OpenSaaS Template

OpenSaaS is Wasp's official production SaaS template — free and open source. It's what most developers use when starting with Wasp for a real product:

Stripe subscriptions with webhook handling
Auth: email/password + Google OAuth
Admin panel (using Shadcn + Prisma)
Blog (MDX-based)
Analytics via Plausible or Google Analytics
Email via SendGrid or Mailgun
Landing page with pricing table

OpenSaaS is more complete than most paid boilerplates and benefits from Wasp's code generation. The tradeoff: you're learning Wasp's mental model alongside React and Node.js. For developers comfortable with both frameworks, the learning curve is two to three days; for those newer to full-stack JavaScript, plan for a week.

The OpenSaaS GitHub repository (3K+ stars) has active issues and PR activity, indicating a healthy community for a framework-specific template. Questions that fall outside Wasp's documentation often get answered in their Discord within hours.

Wasp Deployment

Wasp's deployment story is improving but differs from Next.js:

# Fly.io (recommended for Wasp)
wasp deploy fly setup my-saas --org personal
wasp deploy fly create-db production
wasp deploy fly deploy

# Manual build (for other platforms):
wasp build
# Outputs: .wasp/build/web-app/ (React) and .wasp/build/server/ (Node.js)
# Deploy each separately to your platform

Platform support:

Fly.io: First-class support via wasp deploy fly — the easiest path
Railway: Deploy the server and client separately; environment variable configuration required
Vercel: Frontend works; backend needs a separate Node.js service (not a single-click deploy)
Render: Works well for both services with Docker

Wasp doesn't support Vercel's serverless model natively — the Node.js backend runs as a persistent service. This means the "instant deploy to Vercel" experience that Next.js developers expect isn't available. For teams committed to Vercel, this is a meaningful constraint.

Developer Experience Over Time

Wasp's .wasp config is the initial adjustment. Once past that, the DX is genuinely faster than equivalent Next.js work:

Auth took 5 minutes to configure vs 2+ hours to implement manually
Background jobs took 10 minutes vs installing and configuring Bull Queue
Email took 5 minutes vs writing provider-specific wrapper code

The productivity gains compound over the first few weeks. The main ongoing friction: when you hit the edge of what Wasp supports (custom middleware, unconventional auth flows, complex file uploads), you're working against the framework's abstractions rather than with them. Wasp's escape hatches exist but require understanding the generated code.

For standard SaaS patterns — auth, CRUD, billing, email, jobs — Wasp handles them well. For products with unusual requirements, verify Wasp can support them before committing.

Key Takeaways

Wasp generates auth, routing, RPC, email, and background jobs from a .wasp config — no boilerplate to write
The OpenSaaS template is the recommended starting point: free, production-ready, and more complete than most paid starters
Deployment via Fly.io is first-class; Vercel requires splitting frontend and backend
Best for indie hackers and small teams willing to invest a few days learning Wasp's model
The ecosystem is smaller than Next.js, but the community is active and Wasp ships frequent updates
Skip Wasp if your team requires standard Next.js, Vercel-native deploys, or needs specific middleware patterns that aren't yet supported by Wasp's abstraction layer
Wasp's 14K+ GitHub stars and active Discord indicate a community that will be there when you hit edge cases

The DSL Trade-Off in Practice

Wasp's .wasp configuration file is the clearest example of the framework's philosophy: declare your intent, let the framework handle the implementation. This works remarkably well for the features Wasp supports directly — auth, routes, emails, jobs, and the RPC layer. For a solo developer or small team that wants to ship a SaaS without becoming an expert in Next.js App Router, tRPC configuration, email provider setup, and background job architecture, Wasp genuinely delivers on its promise.

The trade-off becomes visible when you need something Wasp doesn't yet support, or when you need to debug generated code. The Wasp compiler produces a React and Node.js project in a .wasp/out directory. This generated output is readable, but modifying it directly isn't the intended workflow — changes can be overwritten by the next Wasp build cycle. The intended pattern is to declare everything in .wasp and write custom logic in the TypeScript files that .wasp references. When you hit a limitation of the DSL, workarounds can feel constrained compared to just writing arbitrary Next.js middleware.

Teams evaluating Wasp should be realistic about the ecosystem size difference. Stack Overflow coverage for Wasp-specific problems is sparse. The Wasp Discord community is active and responsive, but it's no substitute for the breadth of resources available for Next.js. This matters most during debugging sessions — when something breaks in production, finding a solution quickly depends on community coverage.

Who Uses Wasp Successfully in 2026

The profile of a successful Wasp user is someone who has already experienced the boilerplate pain of setting up auth, Stripe, and transactional emails on a previous project, and wants to skip that phase entirely on the next one. Developers building their second or third SaaS product, who know what they need to ship and just want the plumbing handled, get the most value from Wasp's abstractions.

First-time SaaS builders also do well with Wasp because the initial setup hurdles — particularly auth and email — are genuinely hard to get right from scratch. Wasp's handled versions work correctly, which is more valuable than it sounds for someone learning while building.

Wasp is a worse fit for teams with strict technology standardization requirements, large teams where onboarding new developers to a custom DSL has real costs, products with unusual infrastructure requirements (Wasp's Node.js backend is persistent, not serverless), and teams where Vercel deployment is a hard requirement.

Comparing Wasp to the Paid Boilerplate Market

Wasp's OpenSaaS template competes directly with paid Next.js boilerplates like ShipFast ($299) and Supastarter ($299-599). The feature comparison is favorable to OpenSaaS: you get Stripe subscriptions, auth, email, jobs, an admin panel, and a blog — comparable to or exceeding what paid boilerplates ship. The cost is zero.

The hidden cost is the Wasp learning curve and the smaller ecosystem. Paid Next.js boilerplates deploy to Vercel in five minutes and the framework is identical to what most developers already know. With Wasp, you spend a few days learning before you're productive. Whether this trade-off is worth it depends on how long you plan to maintain the product — a weekend project might not justify the learning investment, but a product you plan to develop for months benefits from Wasp's automation.

For a detailed comparison of Wasp vs Next.js-based starters, see the Wasp vs T3 Stack vs ShipFast comparison. For teams who want a free open-source alternative without the Wasp learning curve, the T3 Stack review and Next SaaS Starter are the closest comparisons.

Compare Wasp with other SaaS starters at StarterPick.

See our Open SaaS review for the full OpenSaaS template breakdown.

Browse best free SaaS boilerplates for alternatives including T3 Stack and Next SaaS Starter.

The SaaS Boilerplate Matrix (Free PDF)