US Trends

what is dto in java

DTO in Java stands for Data Transfer Object – a simple object used to carry data between layers or systems (for example: controller ↔ service ↔ client) without exposing your full domain/entity model.

Quick Scoop: What is DTO in Java?

In Java, a DTO is a plain object whose job is only to hold data and get moved around.

It usually has:

  • Only fields and getters/setters (or a Java record)
  • No business logic
  • Often used in APIs, especially with Spring MVC / Spring Boot.

A compact example with a Java record:

java

public record UserDto(
    Long id,
    String name,
    String email
) {}

This UserDto might be returned from a REST controller instead of your JPA UserEntity, so you never expose fields like password or internal database details.

Why DTOs are Used (in 2020s Java)

Common reasons developers keep using DTOs today:

  • Security:
    You can hide sensitive fields like password, salary, or internal flags by simply not including them in the DTO.
  • API contract stability:
    Your database entities can evolve without breaking clients, because clients depend on DTOs (the API shape), not on entities.
  • Performance / fewer calls:
    You can combine data from multiple entities into one DTO and return it in a single API response instead of multiple calls.
  • Decoupling layers:
    DTOs separate persistence (JPA entities) from the web/API layer, making refactors and testing easier.

Mini Story: Without and With DTO

Imagine a UserEntity mapped with JPA that has fields like id, email, password, address, createdAt, updatedAt, etc.

  • If your Spring controller returns UserEntity directly, the JSON might accidentally include password and internal fields.
  • Later, if you add a new column (say isAdmin), it suddenly appears in responses, changing the API shape for every client.

With a DTO:

java

public record UserResponseDto(
    Long id,
    String name,
    String email
) {}

Your controller maps UserEntityUserResponseDto and only exposes id, name, and email.

The entity can change freely; the DTO only changes when you intentionally change your API.

Typical Java/Spring Usage Pattern

A very common pattern in Spring MVC / Spring Boot:

  1. Request DTO
    • Used as @RequestBody for incoming JSON (for example, UserCreateRequestDto with only allowed input fields).
  1. Response DTO
    • Used as the return type of controller methods (for example, UserResponseDto without sensitive fields).
  1. Mapping
    • Manual mapping in service layer, or using libraries like MapStruct to convert Entity ↔ DTO.

Quick HTML Table: DTO vs Entity

html

<table>
  <thead>
    <tr>
      <th>Aspect</th>
      <th>DTO</th>
      <th>Entity (e.g., JPA)</th>
    </tr>
  </thead>
  <tbody>
    <tr>
      <td>Purpose</td>
      <td>Transfer data between layers or over the network. [web:3][web:9]</td>
      <td>Represent and persist domain data in the database. [web:7]</td>
    </tr>
    <tr>
      <td>Logic</td>
      <td>No business logic, only **data**. [web:3][web:7]</td>
      <td>Can contain business rules, relationships, annotations. [web:7]</td>
    </tr>
    <tr>
      <td>Exposure</td>
      <td>Designed as public API contract, hides sensitive fields. [web:4][web:7][web:10]</td>
      <td>Not meant to be exposed directly to clients. [web:4][web:10]</td>
    </tr>
    <tr>
      <td>Structure</td>
      <td>Plain class or record, often smaller/simpler. [web:7][web:9]</td>
      <td>Full schema: many fields, JPA annotations, relations. [web:7]</td>
    </tr>
  </tbody>
</table>

TL;DR

A DTO in Java is a simple object used to move data between layers or services, especially in APIs, without exposing your full entities or database details.

You typically use DTOs to improve security, keep your API stable, reduce coupling, and sometimes to optimize performance by bundling related data into one response.

Information gathered from public forums or data available on the internet and portrayed here.