Skip to content
Slicekit

Documentation

Build with Slicekit

Everything you need to clone the template, run it locally, and ship features across the .NET API and the React SPA.

Getting Started

Introduction

What Slicekit is, who it is for, and how the documentation is organised.

What Slicekit includes

A map of what ships in the box: the foundations every SaaS needs, already assembled and tested, with a guide for each.

Getting started

Clone the template, bring up local infrastructure, and run both the API and the frontend.

Project structure

A tour of the repository: the API, the frontend, infrastructure, docs and CI.

AI-assisted development

Why Slicekit is a codebase your AI coding assistant can actually work in, and how to get the most from it.

Concepts

Architecture overview

Vertical slice architecture, the .NET projects and the patterns that divide them, the React SPA, and how a feature is added across both sides.

Adding a vertical slice

A step-by-step recipe for adding a new feature, from the command in Slicekit.Core to the thin HTTP endpoint in Slicekit.Api.

CQRS and domain events

How commands, queries and events flow through Wolverine, and the transactional outbox that makes messaging reliable.

Domain-driven design

Aggregates, invariants and domain events: how the domain model is structured and why handlers stay thin.

Authentication & permissions

Cookie sessions with CSRF, role and permission checks, admin impersonation and the audit trail.

Backend guides

Adding a database migration

Create, apply and review EF Core migrations against the AppDbContext, and how migrations run on startup.

Adding a permission

Define a new permission in the Allow catalogue, assign it to roles, and enforce it on endpoints and in the UI.

The settings pattern

Add strongly-typed, validated configuration with the settings pattern and bind it from appsettings and environment variables.

Adding an OAuth provider

Wire up an external OAuth provider (Google, GitHub, ...) alongside the cookie sessions, end to end.

Two-factor authentication

How time-based one-time password (TOTP) two-factor authentication works, and how to enroll, verify and recover.

Rate limiting

Apply and tune rate-limit policies on endpoints, and the defaults that ship with the template.

Pagination

Return paged, sortable list results with the shared pagination primitives, from query to typed client.

Auditing

Record who did what by emitting audit events, and where the trail is stored and surfaced.

Domain and integration events

Publish and handle domain and integration events over Wolverine, with the transactional outbox for reliability.

Error handling

The Result and AppError taxonomy, how failures map to ProblemDetails responses, and how to add an error type.

File storage

Upload, store and serve files through the S3-compatible storage abstraction (MinIO locally).

Adding an API version

Introduce a new API version (v2) without breaking existing clients.

Data export & GDPR

Export a user's personal data and handle deletion, the GDPR-oriented personal-data tooling.

Impersonation

Let admins safely impersonate a user for support, with the audit trail that records it.

Removing a feature

Cleanly delete a vertical slice across the API, frontend, permissions and tests.

Testing a feature

Unit-test handlers and aggregates with the fast suite, and cover endpoints with Testcontainers integration tests.

Frontend

Frontend overview

The React SPA: its slice-per-feature layout, routing with TanStack, and the shadcn/ui design system.

The typed API client

How the frontend talks to the API: one typed client, cookies and CSRF handled for you, wrapped in TanStack Query.

Adding a frontend feature

Build a new feature slice in the React SPA: route, data hooks, components and types.

Adding a language

Add a new language to the SPA, where translation namespaces live, and how strings are looked up.

Building a form

Build a validated form with React Hook Form and Zod, wired to the typed API client and its errors.

Permissions in the UI

Show, hide and guard UI by the current user's permissions, mirrored from the API.

Operations

Observability

Traces, metrics and logs through OpenTelemetry into Grafana, and how to instrument your own slices.

Deployment

Building the production images, configuration through environment variables, and running the production stack.

Configuration

How the template is configured: appsettings as development placeholders, environment-variable overrides in production, and the local port map.

Reverse proxy

Run the API behind a reverse proxy (TLS, forwarded headers, cookies) in production.

Landing site

Overview

The marketing site in landing/: a static Astro site with no React or runtime, and the map of files you change to make it your own.

Brand and navigation

Change brand copy, URLs, pricing and SEO defaults in src/config/site.ts, and edit the header and footer links in src/config/navigation.ts.

Theming and dark mode

Recolour the site through the design tokens in global.css, swap fonts, and understand the class-based dark mode and the shared vertex mark.

Content and assets

Add blog posts and documentation pages through Astro content collections, refresh product screenshots, and regenerate Open Graph images.

Interactive API reference

Explore every endpoint with request and response schemas, and try calls against your running API.

Open API reference

Use these docs with AI

Give your coding assistant /llms.txt for a linked index, or /llms-full.txt for every page in one file. See AI-assisted development.

How to feed the docs to AI