z.string() is a Zod schema method that defines and validates values as primitive strings, forming a core part of Zod schema framework.
It is primarily used to ensure that data is a valid string before it’s processed, stored, or sent over APIs.
- Form inputs: Ensure a user’s name or email is a string.
- API requests/responses: Validate that incoming JSON fields are strings.
- Database entries: Prevent invalid data types from being saved.
Try It Yourself: Code Example
z.string().parse("input");Explanation:
z.string()ensuresinputis a string.parse()validates the value and throws an error if it’s not a valid string.
Now that we know how z.string() ensures a value is a valid string, let’s explore how to enforce specific string rules and formats.
Applying Length Constraints to Strings
If we want to control the size of string inputs in forms, APIs, or databases, Zod allows us to apply length constraints to ensure data consistency and integrity.
Enforcing minimum, maximum, or exact string lengths helps prevent issues like empty usernames, overly long passwords, or invalid codes from entering your application. By combining z.string() with length-based validations, developers can maintain reliable input validation, improve user experience, and catch errors before storing or processing data.
z.string().min(2).max(8)
z.string().length(6)For a complete guide on how to validate string lengths and other Zod types with min, max, and exact rules, check out our comprehensive length guide.
Automatically Parse and Convert Non-String Inputs with Zod Coercion
When working with strings, coercion helps automatically convert non-string inputs into string values before applying validations. It’s especially helpful when handling data from forms or APIs that may send numbers, booleans, or mixed types. Coercion ensures the input is treated as a string, so length or pattern rules can be safely applied.
z.coerce.string().parse(45)For detailed use cases and syntax, explore our Zod coerce tutorial to see how non-string inputs are safely converted into valid strings.
Dynamically Modify and Format Strings Using Zod Transform
Strings often need extra processing even after validation—like trimming, converting to lowercase, or formatting usernames. Instead of writing manual logic for every case, you can apply z.string().transform() to handle it seamlessly.
z.string().transform(val => val.trim()).parse(' tecktol ')Explore how transformation simplifies such cases in our Zod transform tutorial.
Using String Literals
Sometimes, you need a string value to be exactly one specific value, like "active" or "pending". While this isn’t required for every string, Zod allows you to enforce string literals to restrict inputs to fixed values. This is especially useful when handling status fields, categories, or any input that must match a predefined constant.
z.literal("string").parse("string")For a full overview of literals across different data types and detailed examples, check out our Zod literals tutorial.
Summary
In Zod, z.string() ensures that any input is a valid string, making it essential for form validation, API requests, and database entries. You can refine string data further by applying length constraints to enforce minimum, maximum, or exact character counts, helping prevent empty or overly long inputs.
For inputs that may come in unexpected types, coercion converts values into strings automatically, ensuring consistent validation. When you need to modify string values, z.string().transform() allows seamless processing such as trimming, formatting, or converting case.
Finally, if a string must match a specific value, Zod’s string literals let you enforce fixed constants like "active" or "pending".
