
Ask HN: Idempotency Key: Where to Generate the Attribute - boonez123
I am making the following http request to create a financial transaction on another system.<p>The request follows this path:<p>Http request -&gt; Service -&gt; Third Party(like stripe but not stripe).<p>Should the idempotency_key be put into the http request so clients will have to generate it (most likely a uuid) or alternatively should the idempotency key be generated in the service itself?<p>I&#x27;m putting it out here on hacker news for people who have experience building and maintaining API&#x27;s for financial institutions.
======
ezekg
I like how Stripe does idempotent requests [0]. Essentially, you end up
saying, "do this thing, which I'm calling 'charge-for-cust-foo', but only do
it once, even if I tell you to do it again." Putting the "burden" of
generating a unique idempotency key on the client seems to be the best
solution, otherwise, they have to somehow store the idempotency key that your
service generates to re-send it for the next request, which adds complexity on
their end, especially when the request could be sent from multiple servers
that need to share which key belongs to which request (i.e. multiple servers
rule out storing the keys in memory, which would already pose a risk due to
crashes/restarts clearing memory).

[0]:
[https://stripe.com/docs/api/idempotent_requests](https://stripe.com/docs/api/idempotent_requests)

------
verdverm
put the least burden on users as possible

