What is an idempotency key?

A unique identifier sent by a client that allows a server to recognize and ignore duplicate requests.

How long should I store these keys?

Usually 24 to 48 hours, depending on how long you expect a client to retry a failed request.

Can I use a timestamp instead of a UUID?

No, timestamps are prone to collisions and can be manipulated; a UUID is a much safer option.

Building Resilient Distributed Systems with Idempotency Keys

Why does your distributed system fail during network retries?

You've built a system that works perfectly in a controlled environment, but the moment it hits a real-world network, things fall apart. A client sends a request to charge a credit card, the server processes the payment, but then the connection drops before the server can send a success response. The client, seeing a timeout, automatically retries the request. Suddenly, the customer is charged twice. This isn't just a minor bug; it's a fundamental problem with distributed systems. This post covers how to implement idempotency keys to prevent duplicate operations and ensure your data stays consistent even when the network fails.

Idempotency is the property of certain operations in mathematics and computer science whereby they can be applied multiple times without changing the result beyond the initial application. In the context of an API, it means that making the same call once or ten times should yield the same outcome (and the same side effects). Without this, your system is vulnerable to the "double-spend" problem or duplicate resource creation. It's a necessity for any high-stakes operation like payments, order placement, or inventory updates.

How do I implement idempotency in a REST API?

The most common way to handle this is by requiring a unique identifier—often called an Idempotency Key—in the request header. When a client makes a request, they generate a UUID and send it along with the payload. The server checks if it has seen this specific key before. If it has, the server doesn't run the logic again; instead, it simply returns the cached response from the first successful attempt.

To implement this, you'll need a fast, key-value store like Redis or a highly available database to track these keys. Here's a general workflow:

Step 1: The client generates a unique ID (e.g., `X-Idempotency-Key: 550e8400-e29b-41d4-a716-446655440000`).
Step 2: The server receives the request and checks the database for that key.
Step 3: If the key exists, the server returns the stored response immediately.
Step 4: If the key doesn't exist, the server locks the key, processes the business logic, stores the result, and then releases the lock.

You have to be careful with the lifecycle of these keys. Storing them forever is a waste of space, but deleting them too early can lead to issues if a retry happens after the key expires. Most teams set a TTL (Time To Live) of 24 to 48 hours for these keys, depending on the business context.

Where should I store idempotency keys?

The choice of storage depends on your latency requirements and the scale of your application. For most web applications, a distributed cache like Redis is the gold standard. It's fast, handles high throughput, and supports automatic expiration via TTL. Using a cache ensures that your API latency doesn't suffer significantly when checking for existing keys.

If your operations are extremely heavy or involve complex state changes across multiple databases, you might want to store the key in your primary relational database (like PostgreSQL) within the same transaction as the business logic. This guarantees atomicity—either the whole operation and the key storage succeed together, or they both fail. While this adds a bit of overhead, it's much safer for financial transactions where consistency is more important than raw speed.

Note: Never rely on client-side timestamps as a substitute for a unique ID. Timestamps can collide or be manipulated; a UUID is much harder to forge or duplicate by accident.

Consider the edge case where a request is currently "in-flight." If a second request arrives with the same key while the first one is still processing, your server should return a 409 Conflict or a 425 Too Early status. This prevents two simultaneous threads from running the same logic at the same time.

How do I handle partial failures during processing?

A common mistake is assuming that the idempotency key only protects the very end of the process. In reality, you might need to manage state transitions. If your process involves three different microservices, and the second one fails, you can't just return the original error. You need to decide if the operation is actually complete or if it needs to be rolled back.

One strategy is to use a state machine. Instead of just storing the final response, you store the current state of the request. If the client retries, the server looks at the state: Pending, Completed, or Failed. If it's Completed, return the success. If it's Failed, you can decide whether to allow a retry or return the error. This approach makes your system much more predictable. You can read more about distributed systems patterns and failure modes on the AWS Microservices documentation to see how these patterns scale in the cloud.

Implementing this correctly requires discipline. You can't just throw a key in a header and call it a day. You have to account for the time between the request arriving and the database commit. If your system crashes halfway through, the idempotency key must reflect that the transaction was never finalized. This prevents the client from thinking a failed attempt was actually a success, or vice-versa.