Spring boot restful API validation in layered architecture

spring boot rest api validation errors
spring boot validation in service layer
spring boot validation messages properties example
bindingresult in spring boot rest api
how to validate rest api response
server side validation in spring boot
spring boot request header validation
rest api input parameter validation

Today i have a big discussion with one of our team member about validation of RESTful API input in Controller and Service layer and i feel it is a bad day for making bigger argument. So we have a spring boot microservice application with layered architecture

Controller --> Service --> Repository

The argument is having the validation at each layer or just having the validation at Controller layer, for example we have Controller with POST request and using JSR-380 validation for input request body

Controller :

@PostMapping(value = "/", consumes = {"application/json"}, produces = {"application/json"})
public ResponseEntity<Detail> createConfig(

        @NotNull(message = "{error.message.config_detail}")
        @RequestBody @Validated Config config) {

    return new ResponseEntity<>(configService.create(config.getConfigId(), config.getTaskId()), HttpStatus.CREATED);

Config : Request Body

public class Config {

@ApiModelProperty(name = "config_id", example = "1", required = true)
@NotNull(message = "{error.message.config_id}")
private Long configId;

@ApiModelProperty(name = "task_id", example = "11", required = true)
@NotNull(message = "{error.message.task_id}")
@Min(value = 0, message = "{error.message.task_id}")
@Max(value = 9999, message = "{error.message.task_id}")
private Integer taskId;

// bunch of addition fields with validations 


If the validation success then calling the Service method with some properties from Config

Service :

public Detail create(@Valid @NotNull Long configId, @NotNull Integer taskId) {

   // some business logic to convert to entity and saving to database

    return repository.save(entity));

So if we see the above code, same validation is done at Controller and Service, So i argued that there is no need of validating in Service layer, perform the validation at controller layer and if input is wrong then throw 400 or 500 to user. But another person in team also suggest having validation in each block for whatever is used in the block, so that individual piece of code is safe (focusing on the unit instead of the integration path).

I know i might be wrong in this case, but still not able to understand the validation at each layer,(null check i agree) so it is recommended approach having validation at each level

Controller --> validation call service

Service ---> validation and call business 

Business ---> validation and call repository

Repository --> save

But what is the prefered way of validation ? according to me if Controller input is valid call Service and perform business logic and call Repository. correct me if i'm wrong so that i can follow the recommended pattern

You are right : the validation should be placed in controller, if possible. And it's make no sense in my opinion to validate the data more then 1 time. See also DRY principle https://en.wikipedia.org/wiki/Don%27t_repeat_yourself

Spring boot restful API layered architecture validation, with one of our team member about validation of RESTful API input in Controller and Service layer and i feel it is a bad day for making bigger� Spring boot restful API validation in layered architecture Hot Network Questions Why does a server CPU perform faster tasks than a Macbook Pro CPU with the same benchmark score?

It is situational. Some validation needs to be performed in the service layer. Say, you will need to change a state of an object, but only if certain conditions are met etc. A part from that, as a rule of thumb i follow these guidelines: If your services are publicly exposed to other services via RMI, then service layer validation is mandatory, if not go with controller level validation.

Spring RESTful Web Services Validation: A Complete Blueprint , This article takes a look at how to develop a REST API and also how to In a previous post, we discussed how to handle exceptions in a Spring Boot Web MVC some people prefer to do the validation in the service layer. Spring Boot follows a layered architecture in which each layer communicates with the layer directly below or above (hierarchical structure) it: Presentation layer: This is the user interface of the application that presents the application’s features and data to the user.

Unless you are using the services and / or repositories as libraries in other projects, too, it does not make sense to do the validation multiple times. If the controllers are the only classes accessing the additional layers there is no need for additional validation as you and your controller are the only one to access the Spring beans. You and the controller are in control of accessing the services with valid parameters.

Doing several validations has the disadvantage of writing more complex services - including unit tests. It is slower. Changing the validation will take longer as multiple layers have to be changed - including unit tests. The validations on several layers can and will differ in a matter of time.

The preferred way is to do the validation once in (or even before) the controller and writing integration tests to ensure its functionality.

Spring Boot Project Architecture, Three-tier (or three-layer) architecture is a widely accepted solution to organize According to this architecture, the codebase is divided into three separate layers Spring Boot Rest API Validation with Hibernate Validator � Spring Boot REST� I hope this helps someone design a multi-layered architecture for RESTful web services with Spring Boot and Kotlin! Let me know if you have any comments or suggestions. The Startup

Three Tier (Three Layer) Architecture in Spring MVC Web Application, In this article, we will discuss how to create three-layer architecture in Spring MVC web applications. Three Tier (Three Layer) Architecture VS MVC Pattern 3. Spring Boot Rest API Validation with Hibernate Validator � Spring Boot REST � As shown above, we included spring-boot-starter-web in our pom.xml file, because we'll need it for creating the REST controller. Additionally, let's make sure to check the latest versions of spring-boot-starter-jpa and the H2 database on Maven Central. Starting with Boot 2.3, we also need to explicitly add the spring-boot-starter-validation

In which layer should validation be located?, I'm creating a Rest API using Spring Boot and I am using Hibernate Validation to validate request inputs. But I also need other kinds of validation,� Validation is an important part of an application, be it a website or a service. So, we look at how to implement validation for a Spring Boot-based RESTful service.

Spring Boot Tutorial, REST API / JSON / Swagger; Test support; Validation/conversion implementation of a layered architecture using Spring boot can look like this� Creating Spring Boot and React Java Full Stack Application with Maven. This guide helps you create a Java full stack application with all the CRUD (Create, Read, Update and Delete) features using React as Frontend framework and Spring Boot as the backend REST API. We use Maven as the build tool.

  • If data isn't valid then why need to call the service and validate there?