Data Transfer Objects

Ronald Rex 1,666

I just have a quick question concerning DTO's. I read that DTO's are useful for security purposes e.g. they prevent you from sending confidential data across the network. But the tutorial also said that DTO's are also useful in the case that if there is a change to the API, DTO's prevent your application from breaking. Could someone please be kind enough to show me an example or explain how this would work. Is this simply saying that you use DTO's so that you are not directly calling the web API for your Data? I'm a little confused and any help would be greatly appreciated.

AgaveJoe 26,201 Reputation points

2022-08-24T10:45:59.177+00:00

I can't read the tutorial you are referring to.

A DTO is just a data interface. Simply put, data traveling from point A to point B must follow the data interface. For example a DTO contains firstname, lastname, and birthdate properties. The properties make up the data interface. The logic that populates the DTO can change but as long as the data interface does not change then the client will continue to function.

Is this simply saying that you use DTO's so that you are not directly calling the web API for your Data?

No. Web API accepts and returns DTOs.

Accepted answer

Bruce (SqlWork.com) 56,026 Reputation points

2022-08-24T16:16:12.977+00:00

Data Transfer Objects are used pass data between two process. They differ from business objects in that they have no methods, they are data only. Because they have no methods, api changes in the processes typically have no impact. Of course adding new data elements to the DTO will be a breaking change.

A webapi or a business layer should return DTO's rather than Business Objects. They should be an abstraction of the underlying data, so processing logic or data store changes have as little impact as possible.
Please sign in to rate this answer.
Ronald Rex 1,666 Reputation points

2022-08-24T17:39:57.383+00:00

Your answer to my question was very helpful. Let me give you feedback to what I understood you to say. The reason why using DTO's will not have an impact on your application if the Web Api changes is because they are not a class or they do not create a dependency to the Web API. Technical tutorials are many times lacking in explaining the why's and I think that may leave a lot of developers not knowing the reason why they are using certain constructs. I understood that it filters the data so that you are not sending personal or private information across the network, but I didnt understand the part about why they also serve to keep your application from crashing if the Web API is changed. Well, they are "designed" to be decoupled but I guess it also depends on how you use them. Greatly Appreciated !!!!

Bruce (SqlWork.com) 56,026 Reputation points

2022-08-24T19:33:12.113+00:00

you got it. typically you would create a separate project for the DTO's so they have will no dependences and can be freely shared between projects

Ronald Rex 1,666 Reputation points

2022-08-24T20:37:10.197+00:00

Wow, Thats Awesome that you have been Very Helpful !!!!
Sign in to comment

Data Transfer Objects

0 additional answers