[System design] Ensuring Idempotent Requests]

Read for free: https://liverungrow.medium.com/system-design-ensuring-idempotent-requests-3cb1f5957f71?sk=1af8a6440e0c4a7b957968e3c70d7dd9

Photo by Amol Tyagi on Unsplash

How to ensure a user only submits one request, even if they accidentally clicked more than once.

Implement Idempotency Keys

An idempotency key is a unique identifier (usually a string) that is attached to a request so the server can detect and ignore duplicate operations.

In payments, this prevents double-charging a customer.

• First request with idempotency key "order-12345" comes in.
• Backend checks its idempotency store (e.g., a database or cache):
• Key not found → process the request → store the result (e.g. charge ID) against that key.
• Second request with the same key arrives (duplicate click).
• Backend looks up "order-12345" and says: Key found → return the same response as before → no extra charge.

The idempotency key must stay the same across retries for the same intent. We can use a UUID for the key.

The Frontend can generate a UUID key only once (e.g. when user opens payment page), and add it to the HTTP header.