/pætʃ/
n. “Fix it, tweak it, change just what’s needed.”
PATCH is an HTTP request method used to apply partial modifications to a resource on a server. Unlike PUT, which replaces the entire resource, PATCH allows clients to send only the fields or sections that need updating. This makes PATCH ideal for efficient updates where only a small portion of a resource has changed.
For example, if a user profile exists at /users/123 and only the email address needs to be updated, a PATCH request can include just the new email field rather than sending the entire profile data. This reduces bandwidth usage and lowers the risk of accidentally overwriting unrelated fields.
In RESTful APIs, PATCH is used alongside PUT, POST, GET, and DELETE to provide a complete CRUD toolkit. While PUT is idempotent (repeating the request results in the same state), PATCH can be non-idempotent depending on how the server applies the changes, so developers should implement it carefully.
Common uses of PATCH include updating user preferences, adjusting configurations, or modifying specific fields in a document without touching the rest. API designers often combine PATCH with JSON or XML payloads specifying the exact keys or paths to modify.
Security considerations include authenticating the client, validating input data, and ensuring authorization for partial updates. Encryption via TLS is recommended to protect sensitive data in transit. Proper implementation prevents unintended changes or corruption of the resource.
In essence, PATCH gives developers surgical precision for resource updates. It is a flexible tool that complements PUT and POST, allowing modern web applications, SaaS platforms, and APIs to operate efficiently, minimize errors, and maintain data integrity while handling incremental changes.