Mastering Full-Stack Type Safety: Next.js, tRPC, and Zod for Robust Applications

Introduction: The Quest for Unbreakable Code

In the fast-paced world of web development, building applications that are both robust and easy to maintain is paramount. Yet, bridging the gap between a meticulously typed frontend and a powerful, often dynamic, backend can feel like navigating a minefield. The dreaded runtime error, often a result of mismatched data shapes or forgotten API contracts, lurks in the shadows, waiting to derail your users' experience and your development sprint.

Imagine a world where your frontend code inherently understands the structure of your backend API, where every data transfer is validated, and where refactoring a backend schema automatically flags type mismatches in your client. This isn't a pipe dream; it's the reality offered by a potent combination: Next.js, tRPC, and Zod. Together, these technologies empower developers to achieve unparalleled full-stack type safety, transforming development from a cautious crawl to a confident sprint.

Why Full-Stack Type Safety is Your Superpower

Before diving into the how, let's reaffirm the why. Type safety, especially end-to-end, brings a plethora of benefits that extend far beyond simply catching errors:

Reduced Bugs and Runtime Errors: The most obvious benefit. By validating data shapes at compile-time and runtime, you eliminate an entire class of errors related to incorrect data formats or missing properties.
Enhanced Developer Experience (DX): Autocomplete, intelligent refactoring, and immediate feedback from your IDE drastically improve productivity. You spend less time debugging and more time building.
Improved Maintainability and Refactoring: Changes to your API are immediately propagated to the client, allowing you to refactor with confidence, knowing the compiler will guide you.
Clearer API Contracts: Type definitions act as living documentation, making API contracts explicit and easy to understand for both frontend and backend developers.
Better Collaboration: Teams can work more harmoniously, as misunderstandings about data structures are minimized.

In a complex application, these benefits compound, leading to significantly higher quality software and a much more pleasant development process.

Demystifying tRPC: Type-Safe RPC for the Modern Web

What is tRPC?

tRPC stands for "TypeScript Remote Procedure Call." At its core, tRPC allows you to build fully type-safe APIs without needing GraphQL, REST, or any code generation. It leverages TypeScript's powerful inference capabilities to provide end-to-end type safety between your client and server.

Unlike traditional API approaches where you define a schema (GraphQL) or adhere to HTTP verbs and resource paths (REST), tRPC directly exposes your backend functions (procedures) to the client. When you call a procedure on the client, TypeScript already knows its expected arguments and return type, because the client is, in essence, importing the server's type definitions.

How tRPC Works Its Magic

The core innovation of tRPC lies in its ability to reuse the same TypeScript types on both the client and the server. Here’s a simplified breakdown:

Server-Side Definition: You define your API procedures on the server using tRPC's API builder. These procedures are regular TypeScript functions.
Type Inference: tRPC infers the types of inputs and outputs for these procedures.
Client-Side Import: Your client code imports the *type definitions* (not the actual runtime code) of your tRPC API.
Type-Safe Calls: When you call a tRPC procedure from the client, TypeScript uses these imported types to ensure that your arguments match the server's expectations and that the response you receive will have the correct shape.

This "import-based" type sharing eliminates the need for manual type declarations on the client, schema stitching, or complex code generation. It's elegantly simple and incredibly powerful.

Zod: Runtime Validation with Type Inference

The Perfect Companion for tRPC

While tRPC provides compile-time type safety, it's crucial to also validate data at runtime, especially for incoming requests from external sources. This is where Zod shines. Zod is a TypeScript-first schema declaration and validation library. It allows you to define complex data schemas and then validate data against them, all while inferring TypeScript types directly from your schema definitions.

Why is Zod essential with tRPC? Even though tRPC ensures your client-side calls match your server-side definitions, the actual data being sent *over the network* or data coming from external untrusted sources (like user input or other microservices) still needs validation. Zod provides this crucial layer of runtime protection.

Key Features of Zod:

TypeScript-first: Infers types directly from your schemas.
Runtime Validation: Ensures data conforms to your expectations at execution time.
Schema Composition: Build complex schemas from simpler ones.
User-Friendly Errors: Provides clear and customizable error messages.
Tree-Shakable: Only bundles the validation logic you use.

Setting Up Your Full-Stack Type-Safe Next.js Project

Let's walk through setting up a new Next.js project with tRPC and Zod. We'll assume you have Node.js and npm/yarn installed.

1. Initialize Your Next.js Project

We'll use create-t3-app as a fantastic starting point, as it provides a pre-configured setup with Next.js, tRPC, Prisma, and Tailwind CSS. If you prefer a barebones Next.js project, you can install tRPC and Zod manually.

npx create-t3-app@latest my-trpc-app# Follow the prompts:# - What will your project be called? my-trpc-app# - Which packages would you like to enable? (Select tRPC)# - Would you like to use Tailwind CSS? (Optional, but good for quick styling)# - Would you like to initialize a new Git repository? (Yes)# - How would you like to import aliases? (@/)

Navigate into your new project:

cd my-trpc-app

2. Understanding the Core tRPC Files (T3 App Structure)

If you used create-t3-app, many files are already set up for you. Let's look at the key ones in src/server/api:

src/server/api/trpc.ts: This file initializes your tRPC context and router. The context is crucial as it's where you'll define any shared resources or authenticated user data available to all your API procedures.
src/server/api/routers/example.ts: An example router showing how to define procedures.
src/server/api/root.ts: This file combines all your individual routers into a single root API, which is then exposed to the client.
src/pages/api/trpc/[trpc].ts: The Next.js API route that handles all incoming tRPC requests. It acts as the bridge between Next.js and your tRPC backend.

Let's examine src/server/api/trpc.ts:

// src/server/api/trpc.tsimport { initTRPC } from "@trpc/server";import superjson from "superjson";import { ZodError } from "zod";/** * 1. CONTEXT * * This section defines the "contexts" that are available in your tRPC procedures. * * The `createContext` function is used to create a context for each request. * It's a great place to inject dependencies like a database client or an authentication object. */export const createContext = async (opts: { headers: Headers }) => {  return {    headers: opts.headers,    // Add other dependencies here, e.g., prisma: db, auth: session  };};/** * 2. INITIALIZATION * * This is where the tRPC API is initialized. We create an instance of TRPC. */const t = initTRPC.context<typeof createContext>().create({  transformer: superjson,  errorFormatter({ shape, error }) {    return {      ...shape,      data: {        ...shape.data,        zodError:          error.cause instanceof ZodError ? error.cause.flatten() : null,      },    };  },});/** * 3. ROUTER & PRODUCERS * * These are the pieces you use to build your tRPC API. *//** * This is the primary router for your tRPC API. * All of your application's procedures should be nested inside this router. */export const createTRPCRouter = t.router;/** * Public (unauthenticated) procedure * * This is the base piece you use to build new queries and mutations on your tRPC API. * It does not guarantee that a user querying is authorized. */export const publicProcedure = t.procedure;

And src/server/api/root.ts:

// src/server/api/root.tsimport { createTRPCRouter } from "~/server/api/trpc";import { exampleRouter } from "~/server/api/routers/example";import { postRouter } from "~/server/api/routers/post"; // We'll add this later/** * This is the primary router for your server. * * All routers added in /api/routers should be manually added here. */export const appRouter = createTRPCRouter({  example: exampleRouter,  post: postRouter, // Add our new router here});// export type definition of APIexport type AppRouter = typeof appRouter;

3. Setting up the tRPC Client

On the client-side, the T3 app provides src/utils/api.ts which sets up the tRPC client and React Query hooks for easy consumption:

// src/utils/api.tsimport { httpBatchLink, loggerLink } from "@trpc/client";import { createTRPCNext } from "@trpc/next";import { type inferRouterInputs, type inferRouterOutputs } from "@trpc/server";import superjson from "superjson";import { type AppRouter } from "~/server/api/root";const getBaseUrl = () => {  if (typeof window !== "undefined") return ""; // browser should use relative url  if (process.env.VERCEL_URL) return `https://${process.env.VERCEL_URL}`; // SSR should use vercel url  return `http://localhost:${process.env.PORT ?? 3000}`; // dev SSR should use localhost};/** A set of type-safe hooks for your tRPC API. */export const api = createTRPCNext<AppRouter>({  config() {    return {      /**       * Transformer used for data serialization.       * @see https://trpc.io/docs/data-transformers       */      transformer: superjson,      /**       * Links used to build the tRPC client.       * @see https://trpc.io/docs/links       */      links: [        loggerLink({          enabled: (opts) =>            process.env.NODE_ENV === "development" ||            (opts.direction === "down" && opts.result instanceof Error),        }),        httpBatchLink({          url: `${getBaseUrl()}/api/trpc`,        }),      ],    };  },  /**   * Whether tRPC should await queries when server rendering pages.   * @see https://trpc.io/docs/ssr   */  ssr: false,});/** * Inference helper for inputs. * @example type HelloInput = RouterInputs['example']['hello'] */export type RouterInputs = inferRouterInputs<AppRouter>;/** * Inference helper for outputs. * @example type HelloOutput = RouterOutputs['example']['hello'] */export type RouterOutputs = inferRouterOutputs<AppRouter>;

The api object generated by createTRPCNext provides hooks like api.post.getAll.useQuery() that are fully type-safe.

Building a Type-Safe API with Zod and tRPC: A Post Management Example

Let's create a simple API for managing blog posts. We'll define schemas for creating, updating, and fetching posts.

1. Define Zod Schemas

Create a new file src/server/api/schemas/post.ts to house our Zod schemas. This is where we define the shape of our data.

// src/server/api/schemas/post.tsimport { z } from "zod";// Schema for creating a new postexport const createPostSchema = z.object({  title: z.string().min(5, "Title must be at least 5 characters long"),  content: z.string().min(10, "Content must be at least 10 characters long"),  authorId: z.string(), // Assuming a user ID});// Schema for updating an existing postexport const updatePostSchema = z.object({  id: z.string(),  title: z.string().min(5).optional(), // Title is optional for update  content: z.string().min(10).optional(), // Content is optional for update});// Schema for fetching a single postexport const getPostByIdSchema = z.object({  id: z.string(),});// Infer TypeScript types directly from Zod schemasexport type CreatePostInput = z.infer<typeof createPostSchema>;export type UpdatePostInput = z.infer<typeof updatePostSchema>;export type GetPostByIdInput = z.infer<typeof getPostByIdSchema>;

Notice how z.infer<typeof someSchema> automatically extracts the TypeScript type. This is incredibly powerful!

2. Create a tRPC Router for Posts

Next, create src/server/api/routers/post.ts for our post-related API procedures.

// src/server/api/routers/post.tsimport { z } from "zod"; // Import Zodimport { createTRPCRouter, publicProcedure } from "~/server/api/trpc";import { createPostSchema, updatePostSchema, getPostByIdSchema } from "~/server/api/schemas/post";// In a real app, you'd use a database like Prisma here.// For demonstration, we'll use a simple in-memory array.interface Post {  id: string;  title: string;  content: string;  authorId: string;  createdAt: Date;  updatedAt: Date;}let posts: Post[] = [  {    id: "post1",    title: "First Blog Post",    content: "This is the content of the first blog post.",    authorId: "user1",    createdAt: new Date(),    updatedAt: new Date(),  },];export const postRouter = createTRPCRouter({  // Query to get all posts  getAll: publicProcedure.query(() => {    return posts;  }),  // Query to get a single post by ID  getById: publicProcedure    .input(getPostByIdSchema) // Zod validation for input    .query(({ input }) => {      const post = posts.find((p) => p.id === input.id);      if (!post) {        // tRPC can throw custom errors        throw new Error("Post not found");      }      return post;    }),  // Mutation to create a new post  create: publicProcedure    .input(createPostSchema) // Zod validation for input    .mutation(({ input }) => {      const newPost: Post = {        id: (posts.length + 1).toString(), // Simple ID generation        ...input,        createdAt: new Date(),        updatedAt: new Date(),      };      posts.push(newPost);      return newPost;    }),  // Mutation to update an existing post  update: publicProcedure    .input(updatePostSchema) // Zod validation for input    .mutation(({ input }) => {      const index = posts.findIndex((p) => p.id === input.id);      if (index === -1) {        throw new Error("Post not found");      }      posts[index] = { ...posts[index], ...input, updatedAt: new Date() };      return posts[index];    }),  // Mutation to delete a post  delete: publicProcedure    .input(z.object({ id: z.string() })) // Inline Zod schema    .mutation(({ input }) => {      const initialLength = posts.length;      posts = posts.filter((p) => p.id !== input.id);      if (posts.length === initialLength) {        throw new Error("Post not found");      }      return { success: true, id: input.id };    }),});

Remember to add postRouter to src/server/api/root.ts as shown earlier.

In this router:

publicProcedure is a base procedure that can be called without authentication.
.input(zodSchema) is where Zod truly shines with tRPC. It ensures that the incoming data to this procedure matches the defined schema. If not, tRPC automatically throws a ZodError, which our errorFormatter in trpc.ts can catch and serialize.
TypeScript automatically infers the types of input and the return value for each procedure.

Consuming Your Type-Safe API in Next.js Components

Now, let's use these procedures in a React component within our Next.js application.

Create a simple page, e.g., src/pages/posts.tsx:

// src/pages/posts.tsximport Head from "next/head";import { api } from "~/utils/api";import { useState } from "react";import { type CreatePostInput, type UpdatePostInput } from "~/server/api/schemas/post";export default function PostsPage() {  const [newPostTitle, setNewPostTitle] = useState("");  const [newPostContent, setNewPostContent] = useState("");  const [editPostId, setEditPostId] = useState<string | null>(null);  const [editPostTitle, setEditPostTitle] = useState("");  const [editPostContent, setEditPostContent] = useState("");  // Fetch all posts  const { data: posts, isLoading, error, refetch } = api.post.getAll.useQuery();  // Mutation to create a post  const createPostMutation = api.post.create.useMutation({    onSuccess: () => {      setNewPostTitle("");      setNewPostContent("");      void refetch(); // Refetch posts after creation    },  });  // Mutation to update a post  const updatePostMutation = api.post.update.useMutation({    onSuccess: () => {      setEditPostId(null);      setEditPostTitle("");      setEditPostContent("");      void refetch(); // Refetch posts after update    },  });  // Mutation to delete a post  const deletePostMutation = api.post.delete.useMutation({    onSuccess: () => {      void refetch(); // Refetch posts after deletion    },  });  const handleCreatePost = () => {    const input: CreatePostInput = {      title: newPostTitle,      content: newPostContent,      authorId: "user1", // Hardcoded for demo    };    createPostMutation.mutate(input);  };  const handleUpdatePost = (id: string) => {    const input: UpdatePostInput = {      id,      title: editPostTitle || undefined, // Send only if changed      content: editPostContent || undefined, // Send only if changed    };    updatePostMutation.mutate(input);  };  const handleDeletePost = (id: string) => {    deletePostMutation.mutate({ id });  };  if (isLoading) return <div>Loading posts...</div>;  if (error) return <div>Error: {error.message}</div>;  return (    <>      <Head>        <title>Posts - tRPC & Zod</title>        <meta name="description" content="Manage your posts with tRPC and Zod" />        <link rel="icon" href="/favicon.ico" />      </Head>      <main className="flex min-h-screen flex-col items-center justify-center bg-gray-100 p-4">        <div className="container max-w-4xl rounded-lg bg-white p-6 shadow-lg">          <h1 className="mb-6 text-3xl font-bold text-gray-800">Blog Posts</h1>          <div className="mb-8 rounded-md bg-blue-50 p-4 shadow-sm">            <h2 className="mb-4 text-2xl font-semibold text-blue-800">Create New Post</h2>            <input              type="text"              placeholder="Title"              className="mb-2 w-full rounded border p-2"              value={newPostTitle}              onChange={(e) => setNewPostTitle(e.target.value)}            />            <textarea              placeholder="Content"              className="mb-4 w-full rounded border p-2"              rows={4}              value={newPostContent}              onChange={(e) => setNewPostContent(e.target.value)}            ></textarea>            <button              onClick={handleCreatePost}              className="rounded bg-blue-600 px-4 py-2 text-white hover:bg-blue-700"              disabled={createPostMutation.isLoading || newPostTitle === "" || newPostContent === ""}            >              {createPostMutation.isLoading ? "Creating..." : "Create Post"}            </button>            {createPostMutation.error && (              <p className="mt-2 text-red-500">Error: {createPostMutation.error.message}</p>            )}            {createPostMutation.error?.data?.zodError && (              <ul className="mt-2 text-red-500">                {Object.values(createPostMutation.error.data.zodError.fieldErrors).map(                  (errors, index) => (                    <li key={index}>{errors?.[0]}</li>                  ),                )}              </ul>            )}          </div>          <h2 className="mb-4 text-2xl font-semibold text-gray-800">All Posts</h2>          <ul className="space-y-4">            {posts?.map((post) => (              <li key={post.id} className="rounded-md border p-4 shadow-sm">                {editPostId === post.id ? (                  <div>                    <input                      type="text"                      className="mb-2 w-full rounded border p-2"                      value={editPostTitle}                      onChange={(e) => setEditPostTitle(e.target.value)}                    />                    <textarea                      className="mb-4 w-full rounded border p-2"                      rows={3}                      value={editPostContent}                      onChange={(e) => setEditPostContent(e.target.value)}                    ></textarea>                    <button                      onClick={() => handleUpdatePost(post.id)}                      className="mr-2 rounded bg-green-600 px-3 py-1 text-white hover:bg-green-700"                      disabled={updatePostMutation.isLoading}                    >                      {updatePostMutation.isLoading ? "Saving..." : "Save"}                    </button>                    <button                      onClick={() => setEditPostId(null)}                      className="rounded bg-gray-400 px-3 py-1 text-white hover:bg-gray-500"                    >                      Cancel                    </button>                    {updatePostMutation.error && (                      <p className="mt-2 text-red-500">Error: {updatePostMutation.error.message}</p>                    )}                  </div>                ) : (                  <div>                    <h3 className="text-xl font-bold text-gray-900">{post.title}</h3>                    <p className="mt-1 text-gray-700">{post.content}</p>                    <p className="mt-2 text-sm text-gray-500">Author: {post.authorId} | Created: {post.createdAt.toLocaleDateString()}</p>                    <div className="mt-3 flex space-x-2">                      <button                        onClick={() => {                          setEditPostId(post.id);                          setEditPostTitle(post.title);                          setEditPostContent(post.content);                        }}                        className="rounded bg-yellow-500 px-3 py-1 text-white hover:bg-yellow-600"                      >                        Edit                      </button>                      <button                        onClick={() => handleDeletePost(post.id)}                        className="rounded bg-red-600 px-3 py-1 text-white hover:bg-red-700"                        disabled={deletePostMutation.isLoading}                      >                        {deletePostMutation.isLoading ? "Deleting..." : "Delete"}                      </button>                    </div>                    {deletePostMutation.error && (                      <p className="mt-2 text-red-500">Error: {deletePostMutation.error.message}</p>                    )}                  </div>                )}              </li>            ))}          </ul>        </div>      </main>    </>  );}

`Introduction: The Quest for Unbreakable Code`

In the fast-paced world of web development, building applications that are both robust and easy to maintain is paramount. Yet, bridging the gap between a meticulously typed frontend and a powerful, often dynamic, backend can feel like navigating a minefield. The dreaded runtime error, often a result of mismatched data shapes or forgotten API contracts, lurks in the shadows, waiting to derail your users' experience and your development sprint.

Imagine a world where your frontend code inherently understands the structure of your backend API, where every data transfer is validated, and where refactoring a backend schema automatically flags type mismatches in your client. This isn't a pipe dream; it's the reality offered by a potent combination: Next.js, tRPC, and Zod. Together, these technologies empower developers to achieve unparalleled full-stack type safety, transforming development from a cautious crawl to a confident sprint.

`Why Full-Stack Type Safety is Your Superpower`

Before diving into the how, let's reaffirm the why. Type safety, especially end-to-end, brings a plethora of benefits that extend far beyond simply catching errors:

  Reduced Bugs and Runtime Errors: The most obvious benefit. By validating data shapes at compile-time and runtime, you eliminate an entire class of errors related to incorrect data formats or missing properties.
  Enhanced Developer Experience (DX): Autocomplete, intelligent refactoring, and immediate feedback from your IDE drastically improve productivity. You spend less time debugging and more time building.
  Improved Maintainability and Refactoring: Changes to your API are immediately propagated to the client, allowing you to refactor with confidence, knowing the compiler will guide you.
  Clearer API Contracts: Type definitions act as living documentation, making API contracts explicit and easy to understand for both frontend and backend developers.
  Better Collaboration: Teams can work more harmoniously, as misunderstandings about data structures are minimized.

In a complex application, these benefits compound, leading to significantly higher quality software and a much more pleasant development process.

`Demystifying tRPC: Type-Safe RPC for the Modern Web`

`What is tRPC?`

tRPC stands for "TypeScript Remote Procedure Call." At its core, tRPC allows you to build fully type-safe APIs without needing GraphQL, REST, or any code generation. It leverages TypeScript's powerful inference capabilities to provide end-to-end type safety between your client and server.

Unlike traditional API approaches where you define a schema (GraphQL) or adhere to HTTP verbs and resource paths (REST), tRPC directly exposes your backend functions (procedures) to the client. When you call a procedure on the client, TypeScript already knows its expected arguments and return type, because the client is, in essence, importing the server's type definitions.

`How tRPC Works Its Magic`

The core innovation of tRPC lies in its ability to reuse the same TypeScript types on both the client and the server. Here’s a simplified breakdown:

  Server-Side Definition: You define your API procedures on the server using tRPC's API builder. These procedures are regular TypeScript functions.
  Type Inference: tRPC infers the types of inputs and outputs for these procedures.
  Client-Side Import: Your client code imports the *type definitions* (not the actual runtime code) of your tRPC API.
  Type-Safe Calls: When you call a tRPC procedure from the client, TypeScript uses these imported types to ensure that your arguments match the server's expectations and that the response you receive will have the correct shape.

This "import-based" type sharing eliminates the need for manual type declarations on the client, schema stitching, or complex code generation. It's elegantly simple and incredibly powerful.

`Zod: Runtime Validation with Type Inference`

`The Perfect Companion for tRPC`

While tRPC provides compile-time type safety, it's crucial to also validate data at runtime, especially for incoming requests from external sources. This is where Zod shines. Zod is a TypeScript-first schema declaration and validation library. It allows you to define complex data schemas and then validate data against them, all while inferring TypeScript types directly from your schema definitions.

Why is Zod essential with tRPC? Even though tRPC ensures your client-side calls match your server-side definitions, the actual data being sent *over the network* or data coming from external untrusted sources (like user input or other microservices) still needs validation. Zod provides this crucial layer of runtime protection.

`Key Features of Zod:`

  TypeScript-first: Infers types directly from your schemas.
  Runtime Validation: Ensures data conforms to your expectations at execution time.
  Schema Composition: Build complex schemas from simpler ones.
  User-Friendly Errors: Provides clear and customizable error messages.
  Tree-Shakable: Only bundles the validation logic you use.

`Setting Up Your Full-Stack Type-Safe Next.js Project`

Let's walk through setting up a new Next.js project with tRPC and Zod. We'll assume you have Node.js and npm/yarn installed.

`1. Initialize Your Next.js Project`

We'll use create-t3-app as a fantastic starting point, as it provides a pre-configured setup with Next.js, tRPC, Prisma, and Tailwind CSS. If you prefer a barebones Next.js project, you can install tRPC and Zod manually.

npx create-t3-app@latest my-trpc-app# Follow the prompts:# - What will your project be called? my-trpc-app# - Which packages would you like to enable? (Select tRPC)# - Would you like to use Tailwind CSS? (Optional, but good for quick styling)# - Would you like to initialize a new Git repository? (Yes)# - How would you like to import aliases? (@/)

Navigate into your new project:

cd my-trpc-app

`2. Understanding the Core tRPC Files (T3 App Structure)`

If you used create-t3-app, many files are already set up for you. Let's look at the key ones in src/server/api:

  src/server/api/trpc.ts: This file initializes your tRPC context and router. The context is crucial as it's where you'll define any shared resources or authenticated user data available to all your API procedures.
  src/server/api/routers/example.ts: An example router showing how to define procedures.
  src/server/api/root.ts: This file combines all your individual routers into a single root API, which is then exposed to the client.
  src/pages/api/trpc/[trpc].ts: The Next.js API route that handles all incoming tRPC requests. It acts as the bridge between Next.js and your tRPC backend.

Let's examine src/server/api/trpc.ts:

// src/server/api/trpc.tsimport { initTRPC } from "@trpc/server";import superjson from "superjson";import { ZodError } from "zod";/** * 1. CONTEXT * * This section defines the "contexts" that are available in your tRPC procedures. * * The `createContext` function is used to create a context for each request. * It's a great place to inject dependencies like a database client or an authentication object. */export const createContext = async (opts: { headers: Headers }) => {  return {    headers: opts.headers,    // Add other dependencies here, e.g., prisma: db, auth: session  };};/** * 2. INITIALIZATION * * This is where the tRPC API is initialized. We create an instance of TRPC. */const t = initTRPC.context<typeof createContext>().create({  transformer: superjson,  errorFormatter({ shape, error }) {    return {      ...shape,      data: {        ...shape.data,        zodError:          error.cause instanceof ZodError ? error.cause.flatten() : null,      },    };  },});/** * 3. ROUTER & PRODUCERS * * These are the pieces you use to build your tRPC API. *//** * This is the primary router for your tRPC API. * All of your application's procedures should be nested inside this router. */export const createTRPCRouter = t.router;/** * Public (unauthenticated) procedure * * This is the base piece you use to build new queries and mutations on your tRPC API. * It does not guarantee that a user querying is authorized. */export const publicProcedure = t.procedure;

And src/server/api/root.ts:

// src/server/api/root.tsimport { createTRPCRouter } from "~/server/api/trpc";import { exampleRouter } from "~/server/api/routers/example";import { postRouter } from "~/server/api/routers/post"; // We'll add this later/** * This is the primary router for your server. * * All routers added in /api/routers should be manually added here. */export const appRouter = createTRPCRouter({  example: exampleRouter,  post: postRouter, // Add our new router here});// export type definition of APIexport type AppRouter = typeof appRouter;

`3. Setting up the tRPC Client`

On the client-side, the T3 app provides src/utils/api.ts which sets up the tRPC client and React Query hooks for easy consumption:

// src/utils/api.tsimport { httpBatchLink, loggerLink } from "@trpc/client";import { createTRPCNext } from "@trpc/next";import { type inferRouterInputs, type inferRouterOutputs } from "@trpc/server";import superjson from "superjson";import { type AppRouter } from "~/server/api/root";const getBaseUrl = () => {  if (typeof window !== "undefined") return ""; // browser should use relative url  if (process.env.VERCEL_URL) return `https://${process.env.VERCEL_URL}`; // SSR should use vercel url  return `http://localhost:${process.env.PORT ?? 3000}`; // dev SSR should use localhost};/** A set of type-safe hooks for your tRPC API. */export const api = createTRPCNext<AppRouter>({  config() {    return {      /**       * Transformer used for data serialization.       * @see https://trpc.io/docs/data-transformers       */      transformer: superjson,      /**       * Links used to build the tRPC client.       * @see https://trpc.io/docs/links       */      links: [        loggerLink({          enabled: (opts) =>            process.env.NODE_ENV === "development" ||            (opts.direction === "down" && opts.result instanceof Error),        }),        httpBatchLink({          url: `${getBaseUrl()}/api/trpc`,        }),      ],    };  },  /**   * Whether tRPC should await queries when server rendering pages.   * @see https://trpc.io/docs/ssr   */  ssr: false,});/** * Inference helper for inputs. * @example type HelloInput = RouterInputs['example']['hello'] */export type RouterInputs = inferRouterInputs<AppRouter>;/** * Inference helper for outputs. * @example type HelloOutput = RouterOutputs['example']['hello'] */export type RouterOutputs = inferRouterOutputs<AppRouter>;

The api object generated by createTRPCNext provides hooks like api.post.getAll.useQuery() that are fully type-safe.

`Building a Type-Safe API with Zod and tRPC: A Post Management Example`

Let's create a simple API for managing blog posts. We'll define schemas for creating, updating, and fetching posts.

`1. Define Zod Schemas`

Create a new file src/server/api/schemas/post.ts to house our Zod schemas. This is where we define the shape of our data.

// src/server/api/schemas/post.tsimport { z } from "zod";// Schema for creating a new postexport const createPostSchema = z.object({  title: z.string().min(5, "Title must be at least 5 characters long"),  content: z.string().min(10, "Content must be at least 10 characters long"),  authorId: z.string(), // Assuming a user ID});// Schema for updating an existing postexport const updatePostSchema = z.object({  id: z.string(),  title: z.string().min(5).optional(), // Title is optional for update  content: z.string().min(10).optional(), // Content is optional for update});// Schema for fetching a single postexport const getPostByIdSchema = z.object({  id: z.string(),});// Infer TypeScript types directly from Zod schemasexport type CreatePostInput = z.infer<typeof createPostSchema>;export type UpdatePostInput = z.infer<typeof updatePostSchema>;export type GetPostByIdInput = z.infer<typeof getPostByIdSchema>;

Notice how z.infer<typeof someSchema> automatically extracts the TypeScript type. This is incredibly powerful!

`2. Create a tRPC Router for Posts`

Next, create src/server/api/routers/post.ts for our post-related API procedures.

// src/server/api/routers/post.tsimport { z } from "zod"; // Import Zodimport { createTRPCRouter, publicProcedure } from "~/server/api/trpc";import { createPostSchema, updatePostSchema, getPostByIdSchema } from "~/server/api/schemas/post";// In a real app, you'd use a database like Prisma here.// For demonstration, we'll use a simple in-memory array.interface Post {  id: string;  title: string;  content: string;  authorId: string;  createdAt: Date;  updatedAt: Date;}let posts: Post[] = [  {    id: "post1",    title: "First Blog Post",    content: "This is the content of the first blog post.",    authorId: "user1",    createdAt: new Date(),    updatedAt: new Date(),  },];export const postRouter = createTRPCRouter({  // Query to get all posts  getAll: publicProcedure.query(() => {    return posts;  }),  // Query to get a single post by ID  getById: publicProcedure    .input(getPostByIdSchema) // Zod validation for input    .query(({ input }) => {      const post = posts.find((p) => p.id === input.id);      if (!post) {        // tRPC can throw custom errors        throw new Error("Post not found");      }      return post;    }),  // Mutation to create a new post  create: publicProcedure    .input(createPostSchema) // Zod validation for input    .mutation(({ input }) => {      const newPost: Post = {        id: (posts.length + 1).toString(), // Simple ID generation        ...input,        createdAt: new Date(),        updatedAt: new Date(),      };      posts.push(newPost);      return newPost;    }),  // Mutation to update an existing post  update: publicProcedure    .input(updatePostSchema) // Zod validation for input    .mutation(({ input }) => {      const index = posts.findIndex((p) => p.id === input.id);      if (index === -1) {        throw new Error("Post not found");      }      posts[index] = { ...posts[index], ...input, updatedAt: new Date() };      return posts[index];    }),  // Mutation to delete a post  delete: publicProcedure    .input(z.object({ id: z.string() })) // Inline Zod schema    .mutation(({ input }) => {      const initialLength = posts.length;      posts = posts.filter((p) => p.id !== input.id);      if (posts.length === initialLength) {        throw new Error("Post not found");      }      return { success: true, id: input.id };    }),});

Remember to add postRouter to src/server/api/root.ts as shown earlier.

In this router:

  publicProcedure is a base procedure that can be called without authentication.
  .input(zodSchema) is where Zod truly shines with tRPC. It ensures that the incoming data to this procedure matches the defined schema. If not, tRPC automatically throws a ZodError, which our errorFormatter in trpc.ts can catch and serialize.
  TypeScript automatically infers the types of input and the return value for each procedure.

`Consuming Your Type-Safe API in Next.js Components`

Now, let's use these procedures in a React component within our Next.js application.

Create a simple page, e.g., src/pages/posts.tsx:

// src/pages/posts.tsximport Head from "next/head";import { api } from "~/utils/api";import { useState } from "react";import { type CreatePostInput, type UpdatePostInput } from "~/server/api/schemas/post";export default function PostsPage() {  const [newPostTitle, setNewPostTitle] = useState("");  const [newPostContent, setNewPostContent] = useState("");  const [editPostId, setEditPostId] = useState<string | null>(null);  const [editPostTitle, setEditPostTitle] = useState("");  const [editPostContent, setEditPostContent] = useState("");  // Fetch all posts  const { data: posts, isLoading, error, refetch } = api.post.getAll.useQuery();  // Mutation to create a post  const createPostMutation = api.post.create.useMutation({    onSuccess: () => {      setNewPostTitle("");      setNewPostContent("");      void refetch(); // Refetch posts after creation    },  });  // Mutation to update a post  const updatePostMutation = api.post.update.useMutation({    onSuccess: () => {      setEditPostId(null);      setEditPostTitle("");      setEditPostContent("");      void refetch(); // Refetch posts after update    },  });  // Mutation to delete a post  const deletePostMutation = api.post.delete.useMutation({    onSuccess: () => {      void refetch(); // Refetch posts after deletion    },  });  const handleCreatePost = () => {    const input: CreatePostInput = {      title: newPostTitle,      content: newPostContent,      authorId: "user1", // Hardcoded for demo    };    createPostMutation.mutate(input);  };  const handleUpdatePost = (id: string) => {    const input: UpdatePostInput = {      id,      title: editPostTitle || undefined, // Send only if changed      content: editPostContent || undefined, // Send only if changed    };    updatePostMutation.mutate(input);  };  const handleDeletePost = (id: string) => {    deletePostMutation.mutate({ id });  };  if (isLoading) return <div>Loading posts...</div>;  if (error) return <div>Error: {error.message}</div>;  return (    <>      <Head>        <title>Posts - tRPC & Zod</title>        <meta name="description" content="Manage your posts with tRPC and Zod" />        <link rel="icon" href="/favicon.ico" />      </Head>      <main className="flex min-h-screen flex-col items-center justify-center bg-gray-100 p-4">        <div className="container max-w-4xl rounded-lg bg-white p-6 shadow-lg">          <h1 className="mb-6 text-3xl font-bold text-gray-800">Blog Posts</h1>          <div className="mb-8 rounded-md bg-blue-50 p-4 shadow-sm">            <h2 className="mb-4 text-2xl font-semibold text-blue-800">Create New Post</h2>            <input              type="text"              placeholder="Title"              className="mb-2 w-full rounded border p-2"              value={newPostTitle}              onChange={(e) => setNewPostTitle(e.target.value)}            />            <textarea              placeholder="Content"              className="mb-4 w-full rounded border p-2"              rows={4}              value={newPostContent}              onChange={(e) => setNewPostContent(e.target.value)}            ></textarea>            <button              onClick={handleCreatePost}              className="rounded bg-blue-600 px-4 py-2 text-white hover:bg-blue-700"              disabled={createPostMutation.isLoading || newPostTitle === "" || newPostContent === ""}            >              {createPostMutation.isLoading ? "Creating..." : "Create Post"}            </button>            {createPostMutation.error && (              <p className="mt-2 text-red-500">Error: {createPostMutation.error.message}</p>            )}            {createPostMutation.error?.data?.zodError && (              <ul className="mt-2 text-red-500">                {Object.values(createPostMutation.error.data.zodError.fieldErrors).map(                  (errors, index) => (                    <li key={index}>{errors?.[0]}</li>                  ),                )}              </ul>            )}          </div>          <h2 className="mb-4 text-2xl font-semibold text-gray-800">All Posts</h2>          <ul className="space-y-4">            {posts?.map((post) => (              <li key={post.id} className="rounded-md border p-4 shadow-sm">                {editPostId === post.id ? (                  <div>                    <input                      type="text"                      className="mb-2 w-full rounded border p-2"                      value={editPostTitle}                      onChange={(e) => setEditPostTitle(e.target.value)}                    />                    <textarea                      className="mb-4 w-full rounded border p-2"                      rows={3}                      value={editPostContent}                      onChange={(e) => setEditPostContent(e.target.value)}                    ></textarea>                    <button                      onClick={() => handleUpdatePost(post.id)}                      className="mr-2 rounded bg-green-600 px-3 py-1 text-white hover:bg-green-700"                      disabled={updatePostMutation.isLoading}                    >                      {updatePostMutation.isLoading ? "Saving..." : "Save"}                    </button>                    <button                      onClick={() => setEditPostId(null)}                      className="rounded bg-gray-400 px-3 py-1 text-white hover:bg-gray-500"                    >                      Cancel                    </button>                    {updatePostMutation.error && (                      <p className="mt-2 text-red-500">Error: {updatePostMutation.error.message}</p>                    )}                  </div>                ) : (                  <div>                    <h3 className="text-xl font-bold text-gray-900">{post.title}</h3>                    <p className="mt-1 text-gray-700">{post.content}</p>                    <p className="mt-2 text-sm text-gray-500">Author: {post.authorId} | Created: {post.createdAt.toLocaleDateString()}</p>                    <div className="mt-3 flex space-x-2">                      <button                        onClick={() => {                          setEditPostId(post.id);                          setEditPostTitle(post.title);                          setEditPostContent(post.content);                        }}                        className="rounded bg-yellow-500 px-3 py-1 text-white hover:bg-yellow-600"                      >                        Edit                      </button>                      <button                        onClick={() => handleDeletePost(post.id)}                        className="rounded bg-red-600 px-3 py-1 text-white hover:bg-red-700"                        disabled={deletePostMutation.isLoading}                      >                        {deletePostMutation.isLoading ? "Deleting..." : "Delete"}                      </button>                    </div>                    {deletePostMutation.error && (                      <p className="mt-2 text-red-500">Error: {deletePostMutation.error.message}</p>                    )}                  </div>                )}              </li>            ))}          </ul>        </div>      </main>    </>  );}