By Hakan Akcan · Reepa Solutions
The question "Low-Code or Custom-Code?" is no longer binary in 2026, and it has simultaneously become more important because cost structures on both sides have shifted dramatically. Low-code platforms have grown considerably more capable over the past three years — Microsoft Power Platform, Mendix, and OutSystems now cover use cases that previously required classical programming. At the same time, AI-assisted code generation has radically changed the economics of custom-code: what two years ago was a week's work for a junior developer, Cursor, Claude Code, and GitHub Copilot now complete in a few hours. For CEOs, CIOs, and CTOs, this creates a three-dimensional decision space rather than the old binary choice. This article puts the options in context, shows which use cases fit which approach, examines the often-underestimated lock-in risk, and delivers a Reepa recommendation by use case. For broader context, see our Software Development guide and the cluster Custom Software vs Off-the-Shelf.
What Low-Code Can (and Cannot) Really Do in 2026
The marketing promises of low-code vendors are ambitious: applications without programming knowledge, ten-times faster development, business units building their own tools. The reality in German mid-market projects is more nuanced. What low-code genuinely does well in 2026: internal CRUD applications with manageable logic, approval workflows, simple form-centric applications, integration frontends onto existing ERP or CRM systems, and prototypes for requirements clarification. In these areas the speed-up factors are real — a stock-management app that would cost six to eight weeks in classical development goes live in two to three weeks in Microsoft Power Apps.
What low-code still does not do well in 2026: complex business logic with many edge cases, state machines with dozens of transitions, performance-critical data processing, demanding mobile UX, highly customisable search functionality, real-time collaboration, and multi-tenant SaaS products with tenant isolation. In these areas, low-code models lead to workarounds that become unmaintainable beyond a certain complexity threshold — the notorious "workflow spaghetti", where hundreds of nodes in a drag-and-drop editor attempt to replicate what twenty lines of code would have resolved cleanly.
A frequently underestimated point is the learning curve. The claim that "business units build it themselves" holds true for trivial apps. Once data models, relationships, security roles, and integrations come into play, low-code development is demanding software engineering work that merely swaps the tooling. In practice, a productive Power Platform developer needs one to two years of experience — no less than a classical web developer.
Platform Overview
The low-code market is split in 2026 into four segments that differ significantly in target audience, technical depth, and lock-in risk. The following overview is intended as orientation, not a comprehensive vendor evaluation — the choice depends heavily on existing IT landscape and license agreements.
| Platform | Strength | Target audience | Lock-in |
|---|---|---|---|
| Microsoft Power Platform | Deep Microsoft 365 integration, Dataverse, Copilot Studio | Microsoft customers, internal tools, workflows | High — Dataverse dependency |
| Mendix | Enterprise applications, model-driven, strong governance | Large enterprises, larger mid-market | High — proprietary model |
| OutSystems | Complex applications, code-export option, strong ALM | Enterprises with custom requirements | Medium — Java/.NET export possible |
| Retool | Internal tools for developers, SQL-native, fast database UIs | Tech teams, startups, internal tooling | Medium — JSON export |
| Bubble | Web apps without code, strong community | Founders, prototyping, small SaaS | Very high — no export |
| Webflow | Marketing websites with CMS, visual HTML/CSS | Marketing, smaller online presences | Medium — HTML/CSS export |
| Airtable | Database tables with workflow layer, very low barrier | Business units, lists, small workflows | Medium — CSV export |
Selection follows a simple heuristic: Microsoft customers take Power Platform because licenses are usually already in place and integration with Teams, SharePoint, and Outlook is unbeatable. Mendix and OutSystems only make sense above a certain scale — licenses start above 100,000 euros per year, but governance maturity is high. Retool is the de-facto choice for tech teams that want to build internal tools quickly without writing their own frontend. Bubble is widespread among founders but should be avoided for production business logic. Webflow is a pure marketing-site solution. Airtable works excellently as an Excel replacement with a workflow layer for teams of up to 30 people.
Use-Case Matrix: When Low-Code, When Custom-Code
The most important decision basis is not "which platform" but "does this use case fit low-code at all". The following heuristic from our consulting practice draws a clear line:
- Clearly suited for Low-CodeInternal CRUD applications, inventory management, leave requests, simple approval workflows, front-ends for existing databases, forms with email dispatch, Microsoft 365-centric workflows. Speed beats depth, licensing costs stay manageable, business logic is linear.
- Leaning Low-Code, but verifyMid-complexity business workflows with manageable logic, reporting front-ends, simple customer portals without high UX demands, integration layers between two systems. A two-week proof-of-concept is worthwhile before committing.
- Hybrid — Low-Code front-end, Custom-Code backendWhen the UI is standardised but the logic is complex — typical pattern for sales applications with pricing calculators or configurators. Front-end in Retool or Power Apps, logic as a custom API in Node, Python, or .NET.
- Clearly suited for Custom-CodeComplex business logic with many edge cases, performance-critical applications, mobile-native apps with demanding UX, multi-tenant SaaS products, security-critical systems, applications with near-real-time collaboration, database-intensive searches over millions of records.
- Clearly suited for AI Code GenerationCustom-code projects with well-describable requirements and a small team — AI-assisted development with Cursor or Claude Code is faster than low-code in most of these cases in 2026, without creating lock-in.
The most difficult category is the second — applications where low-code "might work". This is where we see the most failed projects, because initial speed was prioritised over later maintainability. Anyone who wants a solid decision in this grey zone should build two small prototypes — one in low-code, one with AI-assisted custom-code — and compare development time, maintenance effort, and licensing costs over three years.
Facing a Low-Code or Custom-Code decision?
Considering building an internal application and unsure whether low-code, custom-code, or a hybrid model is the right choice? We offer a free 30-minute initial consultation — we evaluate your use case, estimate licensing and development costs over five years, and clearly identify lock-in risks.
Request a free architecture consultationVendor Lock-in — The Uncomfortable Reality
Lock-in is the most underestimated risk in low-code projects. Vendor marketing materials like to talk about "code export", "standard databases", and "open interfaces". The operational reality is different. Concretely, lock-in manifests in three dimensions: data lock-in, because data models and relationships are stored in proprietary formats; logic lock-in, because workflows and validations are modelled in visual editors that cannot be transferred into readable code; and skill lock-in, because the team builds platform-specific knowledge over years that is lost when switching.
OutSystems and Mendix do offer export to generated Java or .NET code. In practice this code is not maintainable — auto-generated code with tens of thousands of lines is not a migration path, it is an emergency fallback. Realistic migration strategies in practice are re-implementations, whose effort runs between 70 and 120 percent of the original development cost. Bubble and Webflow have no serious export. Microsoft Power Platform stores data in Dataverse, which is technically a Microsoft-proprietary database — switching from Power Apps to another system means at minimum a complete data model rebuild.
The honest recommendation: accept lock-in, but do so consciously. A Power Platform application with a five-year lifespan and licensing costs of 50,000 euros per year is an investment that can be economical compared to custom development — as long as you know that a later switch means re-implementation. What must not happen: placing core business processes into a platform with aggressive license escalations without a budgeted exit reserve. We regularly see companies that, after a platform doubles its licensing fees, effectively have no negotiating position for the next three years.
Citizen Developer Risks and Governance
One of the central promises of low-code is citizen development — business units building their own tools without IT involvement. In practice, without governance, four recurring problems emerge. First, data security risks: employees wire spreadsheets containing personal data into Power Apps without involving the data protection officer — GDPR violations follow. Second, shadow IT: the inventory of available apps grows unchecked and nobody knows which applications are business-critical. Third, single points of failure: critical workflows depend on an employee who built the model two years ago and has since left the company. Fourth, unpredictable licensing costs: every new app drives premium license requirements, and the Microsoft budget doubles in three years.
Effective governance has six components: a central inventory of all production apps with owners and business-criticality ratings; an approval process for apps above a defined data classification level; central license management with clear cost allocation per department; defined security roles and data sources that citizen developers are permitted to use at all; regular security reviews at minimum for all production apps; and a sponsor model per application with clearly named backup persons. Microsoft Power Platform provides a workable governance foundation with the Center of Excellence Starter Kit — but it must be actively operated.
Hybrid Models: Low-Code for 80%, Custom for 20%
The strategically smartest answer to the low-code-vs-custom-code question in many mid-market companies is a hybrid model. The idea: trivial applications — approvals, lists, simple forms — run on a low-code platform with high velocity and low development costs. Business-critical applications with complex logic, high user counts, or multi-tenant characteristics run as custom-code with a clear architecture and no lock-in. Concretely, this means in practice: Microsoft Power Platform for internal employee apps, custom-code for the customer portal, custom-code for the sales configurator module, Retool for the admin interface of custom backend databases.
This division requires clear architectural rules. A useful threshold list: apps with fewer than 50 active users and linear logic run on low-code; everything above that moves into the custom-code domain. Apps with personal data above a defined sensitivity level run exclusively on platforms approved by the security team. Apps that reach external customers are custom-code as a matter of principle, because lock-in and scaling risks are highest there. These rules belong in a written platform strategy that is updated at least annually.
Licensing Costs: A Realistic View
The licensing costs of low-code platforms are complex and often develop differently from the original estimate. The following overview gives realistic ranges for 2026 — precise quotes require a licensing advisor and depend heavily on your existing Microsoft or SAP framework agreements.
| Platform | Per user/month | Minimum entry point | Scaling behaviour |
|---|---|---|---|
| Microsoft Power Apps Premium | €20 per app user | from €500/month | Linear, connector surcharges |
| Mendix Standard | €30–60 per user | from €1,500/month | Strongly increasing at enterprise tier |
| OutSystems | on request, typically €80,000–250,000 p.a. | not viable for small teams | Volume licence |
| Retool Business | €50 per user | from €250/month | Linear |
| Bubble | from €32 per application | affordable entry | Workload costs scale |
| Webflow | €15–50 per site | affordable | Per site |
| Airtable Business | €22 per user | from €110/month | Linear |
Important in the calculation: many platforms have hidden costs. Microsoft Power Platform requires premium connector licenses for many data sources beyond SharePoint and Excel — connecting a SQL Server or REST API can double the per-user license price. Bubble charges workload units that increase dramatically with application complexity. Mendix and OutSystems have annual negotiation room but are not economical for small teams. A realistic total-cost-of-ownership calculation over five years is typically two to three times higher than the initial license estimate.
Maintenance and Skill Pool
A frequently overlooked factor is long-term maintainability and the availability of skilled staff. Classical custom-code development with stacks like TypeScript, Python, Java, or .NET has a vast global skill pool — you can find developers in any city who can take over your codebase. Low-code skills are considerably scarcer. Power Platform developers with five years of experience are rare in Germany in 2026; Mendix or OutSystems specialists even rarer. The switching costs when key personnel leave are correspondingly high — external consultants at day rates above €1,400 are the rule, not the exception.
Added to this is the maintenance characteristic of the platform itself. Vendors update components, deprecate connectors, and change licensing models. Anyone operating a low-code application for five years faces between three and five platform migrations — often with mandatory adjustments because deprecated components lose support. These maintenance costs belong in the original calculation because in practice they can account for 15 to 30 percent of the annual development budget. For a more detailed discussion of development costs, see our cluster on Software Development Costs 2026.
AI Code Generation as a Third Alternative
The most important strategic shift since 2024 is the rapid maturation of AI-assisted code generation. Cursor, Claude Code, and GitHub Copilot have completely changed the speed characteristics of classical custom-code development. A task that a junior developer would previously have implemented in a week, an experienced developer with AI assistance now completes in four to six hours in 2026. This shifts the break-even between low-code and custom-code dramatically — and in many cases in favour of custom-code.
Concretely: for an internal tool of moderate complexity that would previously have taken two weeks in Power Apps and ten weeks in custom-code, the custom-code figure today is closer to three to four weeks. The licence savings over five years — no Power Platform premium licences, no connector surcharges, no lock-in risks — exceed the additional development cost in many cases. The honest threshold question is no longer "low-code or custom-code" but "low-code or AI-assisted custom-code". The latter wins in 2026 in far more cases than most decision-makers assume.
The prerequisite, however, is discipline in the engineering process. AI-generated code without code reviews, without automated tests, and without architectural guidelines produces the same maintenance chaos as uncontrolled citizen-developer sprawl in Power Apps. Anyone serious about AI-assisted development needs an experienced senior team to set the architecture and conduct reviews. For integration with workflow automation, see also our cluster AI Agents and n8n Workflows.
Reepa's Recommendation by Use Case
From consulting practice with German mid-market companies, the following pragmatic recommendation emerges. It is intended as a starting point, not a rigid rule — every concrete decision should be preceded by a short architecture workshop.
- Internal employee tools for Microsoft customersMicrosoft Power Platform, because licenses are usually already in place and Teams integration is unbeatable. With a clear governance model and a defined skill pool.
- Admin interfaces for your own databasesRetool, because it is faster to build than a custom frontend and has a readable JSON export as a fallback.
- Customer portal with your own brandCustom-code with AI assistance. Avoid lock-in, retain UX control, cheaper in the long run.
- Multi-tenant SaaS productCustom-code, mandatory. Never on a low-code platform, because lock-in endangers the entire business model.
- Mobile-native app with hardware accessCustom-code, Flutter or React Native. Low-code mobile wrappers are not yet production-ready in 2026.
- Marketing website with CMSWebflow or a classical headless CMS with a custom frontend — depending on how much autonomy the marketing team needs.
- Quick lists and mini-workflows in business unitsAirtable for teams of up to 30 people, provided the data is not highly sensitive.
Frequently Asked Questions
Is Low-Code really cheaper than Custom-Code?
In the short term, yes — in almost all simple cases. An internal CRUD application can be built on Microsoft Power Platform or Retool in a few days rather than several weeks. Over three to five years the picture often reverses: per-user license costs scale linearly with headcount, whereas a custom system built once incurs only maintenance costs. Beyond roughly 100 to 200 active users, or as complexity grows, low-code licensing frequently stops making financial sense. Any serious calculation must include a five-year total cost of ownership rather than just the initial effort.
Which use cases are definitively unsuitable for Low-Code?
Three categories should generally not be implemented with Low-Code. First, complex business logic with many edge cases, state machines, and audit requirements — most low-code platforms model this with awkward workflow trees that become unmaintainable beyond 50 nodes. Second, mobile-native apps with high performance or hardware requirements — the web-wrapper solutions of most platforms are too slow for demanding UX. Third, multi-tenant SaaS products you bring to market yourself — you end up in a double lock-in trap because your end customers depend indirectly on the vendor.
How real is the vendor lock-in risk with Low-Code?
Very real. Most low-code platforms store logic, data models, and UI in proprietary formats that cannot be exported as readable code. OutSystems and Mendix do offer code export, but the output is practically unmaintainable — generated code with thousands of lines is not a realistic migration path. Webflow and Bubble have no serious export at all. In practice, switching means re-implementation. That is why every low-code decision needs a deliberate exit strategy and a budgeted rebuild reserve.
Is citizen development a security risk?
Without governance, yes — with governance, no. When business units build their own Power Apps without oversight, three problems typically emerge: unprotected data sources get wired into applications, GDPR-relevant data flows bypass the data protection officer, and critical workflows depend on a single person with no backup. Effective governance requires an approval process for production apps, a central inventory, regular security reviews, and clearly defined data classes that citizen developers are actually permitted to use.
Will AI code generation make Low-Code obsolete?
Partly yes, fully no. Tools like Cursor, Claude Code, and GitHub Copilot make classical custom-code development dramatically faster — tasks that used to take a junior developer a week are now possible in hours. This shifts the break-even point in favour of custom-code. For pure standard workflows with pre-built building blocks — approvals, simple forms, Microsoft 365 integrations — low-code remains the faster tool. The honest recommendation for 2026 is a three-tier model: low-code for trivial workflows, AI-assisted custom-code for the majority of applications, and pure custom-code for security- or performance-critical cores.
Ready for a well-founded platform decision?
Let's talk for 30 minutes, no obligation. We evaluate your use case, estimate licensing and development costs over five years, clearly identify lock-in risks, and propose a suitable model — low-code, custom-code, or a hybrid with AI assistance.
Schedule a 30-minute call
IT security and cloud architect with over ten years of experience. Advises mid-market companies on architectural decisions between custom-code, low-code, and AI-assisted development. Writes regularly on software development, cloud security, and NIS2.
Reviewed: 22 May 2026 · More about Hakan