Official CTO blogs

Appearance

Multipart APIs and File Uploads

Introduction

When building modern web applications, handling file uploads is a common requirement — whether for profile pictures, documents, or large datasets. Standard JSON APIs are not designed for large binary data, so developers rely on Multipart APIs, which use the multipart/form-data content type to efficiently transmit files along with metadata.

What is Multipart/Form-Data?

  • Multipart/form-data is an HTTP content type used for file uploads.
  • It breaks the request body into separate parts — each part having its own headers (like content type) and payload.
  • Typically, one part contains metadata (JSON fields), while others contain binary file data.

Example HTTP request (simplified):

http
POST /upload HTTP/1.1
Content-Type: multipart/form-data; boundary=----XYZ

------XYZ
Content-Disposition: form-data; name="username"
Content-Type: text/plain

alice123
------XYZ
Content-Disposition: form-data; name="file"; filename="photo.png"
Content-Type: image/png

(binary data here)
------XYZ--

Advantages of Multipart APIs

  • Mix Data + Files: Send JSON fields and files in the same request.
  • Streaming Support: Large files can be streamed instead of held fully in memory.
  • Cross-Language Compatibility: Supported by most HTTP clients and frameworks.
  • Browser-native: HTML <form enctype="multipart/form-data"> supports this directly.

Common Use Cases

  1. Profile Image Uploads (web apps, social media).
  2. Document Management Systems (upload PDFs, Word docs).
  3. Data Science APIs (CSV or dataset uploads).
  4. Cloud Storage Integrations (uploading to S3, GCS via API).

Example: Spring Boot (Java)

java
@RestController
public class FileUploadController {

    @PostMapping("/upload")
    public ResponseEntity<String> uploadFile(
        @RequestParam("file") MultipartFile file,
        @RequestParam("username") String username) {
        
        // Save the file
        System.out.println("User: " + username + " uploaded " + file.getOriginalFilename());
        
        return ResponseEntity.ok("File uploaded successfully");
    }
}

Example: Node.js (Express + Multer)

javascript
const express = require('express');
const multer  = require('multer');
const upload = multer({ dest: 'uploads/' });

const app = express();

app.post('/upload', upload.single('file'), (req, res) => {
  console.log(`User ${req.body.username} uploaded ${req.file.originalname}`);
  res.send('File uploaded successfully');
});

app.listen(3000, () => console.log('Server started on port 3000'));

Best Practices

  • Validate file type & size before saving.
  • Use cloud storage (S3, GCS, Azure Blob) for scalability.
  • Set limits (e.g., max upload size) to prevent abuse.
  • Secure APIs with authentication (avoid open upload endpoints).
  • Consider chunked uploads for very large files.

Conclusion

Multipart APIs provide a reliable and efficient way to handle file uploads in modern applications. They allow seamless transmission of binary files alongside structured data, making them essential for scalable, secure, and user-friendly systems.