Design a File Service
Explore how to design a reliable and secure file service API that supports uploading, downloading, deleting, and listing files. Understand choosing REST for client and internal communications, handling metadata and binary files, and meeting nonfunctional requirements like availability and low latency. Learn architectural decisions, API endpoints design, and strategies for scalability and security in real-world file storage systems.
File service overview and requirements
Cloud storage services like Google Drive, Dropbox, and OneDrive offer reliable, scalable storage by transferring files between clients and powerful host systems. From a client's perspective, uploading a file looks like a simple API call, but the underlying system involves multiple frontend and backend services coordinating together.
Designing this file storage API requires clearly defined requirements up front.
Functional requirements
Upload: Securely upload files to remote storage.
Download: Download uploaded files from remote storage.
Delete: Allow only file owners to delete uploaded files.
List: Allow file owners to list their uploaded files.
Nonfunctional requirements
Reliability: No data loss or corruption during transfer; persistent storage after a successful upload.
Security: Appropriate mechanisms for secure data access.
Scalability: Handle increasing numbers of users and files.
Availability: High availability for on-demand upload and download.
Low latency: Minimize upload and download response times.
You're designing a file storage API with operations like upload, download, delete, and list. The system has two communication stages:
Client to API gateway: The client authenticates and interacts via standard HTTP operations (for example, uploading and downloading files).
API gateway to internal services: The gateway coordinates metadata extraction, database updates, file processing, and blob storage across multiple downstream services.
Which communication style (REST, gRPC, or GraphQL) would you choose for each stage, and why? Use the AI assessment widget below to submit your solution and get an interactive response.
Prerequisites
We recommend that you read about the following concepts before proceeding with this chapter, if you have not already.
Should the support for multiple file encoding schemes (PNG, GIF, SVG, MKV, etc.) be considered a separate functional requirement?
Design overview and decisions
With these requirements established, the next step is to examine the file API's overall operation and component interactions. API design is influenced by business requirements and technology choices, so a combination of architectural styles often works in tandem. The following diagram shows the detailed workflow of the components and services involved in the file API design.
The functionality of these components and services is summarized in the table below.
Components and Services Details
Component or Service | Details |
File servers |
|
Processing server |
|
User to file mapping system (UFMS) |
|
Blob storage |
|
Temporary storage |
|
User server |
|
SQL database |
|
CDN servers |
|
API gateway |
|
Client |
|
Workflow
The workflow is divided into two stages:
Client to API gateway: The API authenticates the client and verifies read/write access. After successful verification, the user can upload, download, list, or delete files via HTTP requests.
API gateway to downstream services: The gateway forwards requests to the appropriate API services. For uploads, the ...