A user clicks "Pay Now". The internet blips. They click it again.
Do you charge them twice?
Defining Idempotency
An operation is idempotent if applying it multiple times has the same effect as applying it once.
f(f(x)) = f(x)
Safe methods:
* GET: Fetching a profile twice doesn't change it.
* PUT: Updating address to "New York" twice results in "New York".
* DELETE: Deleting ID 5 twice? The second time might 404, but the state (ID 5 is gone) is the same.
Unsafe methods:
* POST: Creating a payment.
The Fix
Use an Idempotency Key.
The client generates a UUID (123-abc) and sends it with the request.
The server checks Redis: "Have I seen 123-abc?"
* Yes: Return the cached response.
* No: Process payment, save response.
Conclusion
Build resilient APIs that assume clients will retry. Because they will.