Auth Is a Solved Problem. Pick One and Ship. The Solo Builder's Auth Guide
Supabase Auth vs Clerk vs Auth.js vs Firebase Auth vs Auth0. Real pricing, real limitations, and the decision tree for solo SaaS builders.
Auth is the one thing every SaaS needs and nobody wants to build from scratch. Email verification, password resets, social login, session management, route protection. It is solved infrastructure. The question is not how to build it. The question is which pre-built solution fits your stack without becoming a liability later.
- Supabase Auth: free, integrated with your DB, good enough for most solo builders. No DX magic but nothing to pay for.
- Clerk: best developer experience, pre-built UI components, $25/month after 10K MAU. Worth it if you hate building login forms.
- Auth.js (NextAuth): open-source, self-hosted, free forever. More setup work. 80+ providers out of the box.
- Firebase Auth: free tier is generous (50K MAU), Google ecosystem lock-in, harder to migrate away.
- Auth0/Okta: enterprise-grade, overkill for solo builders, expensive at scale. Skip it until you have enterprise deals.
- Recommendation: if you use Supabase for your database, use Supabase Auth. Otherwise, use Clerk.
The two questions that matter
Before comparing tools, answer these two questions. They cut the list to one or two options every time.
Do you already have a backend or database provider? If you are using Supabase for your database, using Supabase Auth costs nothing and keeps your user data in the same place. RLS policies tie directly to auth rows. There is no reason to pay for a separate auth tool when your database already includes one.
Do you want pre-built UI or will you build your own? Clerk ships ready-made sign-in, sign-up, and user profile components. Drop them in and you are done. Supabase Auth and Auth.js give you the logic but expect you to build the forms. If you would rather ship features than style a login page, Clerk is worth the money.
Integrated DB Auth
Supabase Auth: the default for Supabase stacks
Pricing: Free on the Supabase free tier (50K MAU included). Pro plan at $25/month adds more MAU, larger DB, and better performance. Auth itself does not cost extra on top of the DB plan.
Best at: Email/password, magic link, social OAuth (Google, GitHub, etc.), and phone OTP. RLS policies in Postgres read directly from the authenticated user row, so you get row-level security without a separate permission layer.
Limitation: The UI is completely DIY. Supabase gives you the JS client methods; you build the forms, the redirects, and the error states. The dashboard UX for managing users is basic. Fine for most solo builds. Noticeable if you need custom auth flows.
Pre-Built UI Auth
Clerk: best developer experience in the category
Pricing: Free up to 10K MAU. $0.02 per MAU after that, billed monthly. The $25/month estimate appears once you pass 10K users. Most solo builders stay on the free tier for months before hitting this.
Best at: Drop-in React and Next.js components. Sign-in, sign-up, user profile, organization management, and multi-factor auth are all pre-built. The integration is a few lines of code. Clerk also handles session tokens, webhooks for user events, and a clean admin dashboard.
Limitation: Once you are past 10K MAU, costs compound fast. At 50K MAU you are paying $800/month for auth alone. Also React/Next.js-first. Works in other frameworks but the DX is thinner outside the Next.js ecosystem.
Open-Source Auth
Auth.js (NextAuth): free, open-source, more setup
Pricing: Free forever, self-hosted. You pay only for whatever database you store sessions in. No MAU limits, no vendor pricing changes.
Best at: 80+ OAuth providers out of the box. Any Next.js app can wire up GitHub, Google, Discord, and dozens of others in under an hour. The v5 update (Auth.js) improved the API significantly and added support beyond Next.js.
Limitation: Next.js-focused by history. Support for other frameworks exists but the docs assume Next.js. Setup requires more configuration than Clerk. No hosted dashboard or admin panel. You manage user data yourself in your own database.
Google Ecosystem Auth
Firebase Auth: generous free tier, ecosystem lock-in
Pricing: Free up to 50K MAU on the Spark (free) plan. Blaze (pay-as-you-go) plan is needed for advanced features but auth itself stays free for most indie scales.
Best at: Email/password, phone SMS, anonymous auth, Google Sign-In. If you are already using Firestore, Firebase Storage, or Google Cloud, the auth integrates cleanly with the same SDK.
Limitation: Vendor lock-in is real. Migrating users away from Firebase Auth is painful because password hashes use a proprietary algorithm. If you ever want to move your database off Google's infrastructure, auth migration is a project in itself.
Enterprise Auth
Auth0: enterprise power, enterprise pricing
Pricing: Updated pricing in 2026 includes a free tier up to 25K MAU. Essential plan at $35/month for up to 500K MAU. Growth plan at $240/month. Enterprise is custom.
Best at: Complex enterprise requirements. Fine-grained authorization, machine-to-machine tokens, enterprise SSO, custom domains, extensive compliance features. The platform is genuinely deep.
Limitation: The complexity is enterprise-caliber too. Configuration lives in a dense admin portal. Pricing at scale is steep for indie projects. If your users are individuals paying $19/month, Auth0's feature set is overkill for years.
Comparison (mid-2026)
| Tool | Free tier | Paid starts at | Pre-built UI? | Best for |
|---|---|---|---|---|
| Supabase Auth | 50K MAU (with DB plan) | Included in DB plan | No | Supabase stacks |
| Clerk | 10K MAU | $0.02/MAU after | Yes | React/Next.js, DX-first |
| Auth.js | Unlimited (self-hosted) | Free forever | No | Next.js, open-source |
| Firebase Auth | 50K MAU | Free at scale (Blaze) | No | Google/Firebase stacks |
| Auth0 | 25K MAU | $35/mo (Essential) | Partial | Enterprise SaaS |
Decision tree
Are you using Supabase for your database?
YES -> Use Supabase Auth. Free, integrated, no extra accounts.
NO ->
Do you want pre-built UI components?
YES -> Use Clerk. Best DX, free to 10K MAU.
NO ->
Are you on Next.js?
YES -> Use Auth.js. Free, open-source, 80+ providers.
NO ->
Are you on Firebase / Google Cloud?
YES -> Use Firebase Auth. Free to 50K MAU.
NO -> Use Clerk (cross-framework) or Auth.js.FAQ
Is Supabase Auth good enough for production?
Yes. Supabase Auth handles email/password, magic link, social OAuth, and phone OTP. It integrates directly with Postgres RLS, so row-level security is tied to the authenticated user without a separate permissions service. It runs in production at scale. The only thing it lacks is a pre-built UI, which you build yourself.
Is Clerk worth $25/month?
If you value developer experience and want pre-built login components, yes. Clerk saves several days of form-building, session logic, and edge-case handling. If you are comfortable building your own login form and do not mind the Supabase client methods, Supabase Auth is free and works. The question is what your time is worth.
Should I use Auth0 for my indie SaaS?
Probably not. The 2026 free tier is more generous (25K MAU) but Auth0's complexity is calibrated for enterprise teams with compliance requirements. The admin portal, the configuration model, and the pricing at scale are all built for enterprise contracts, not $19/month indie users. Start with Supabase Auth or Clerk and revisit Auth0 if you land an enterprise deal that specifically requires it.
Can I switch auth providers later?
Technically yes, practically painful. Auth touches every protected route, every API check, and every session assumption in your codebase. Firebase Auth is especially hard to leave because of the proprietary password hash format. Supabase, Clerk, and Auth.js are more portable. Pick one early, plan to keep it, and document your auth flow so a future owner or contributor can understand it without you.
Before you wire up Clerk or Supabase Auth, make sure the niche you are building into has real demand and weak enough competition to enter. Run your idea through the Analyzer first.
Validate your idea free →