Practice the vocabulary of safely retrying a request without causing a duplicate side effect.
0 / 5 completed
1 / 5
At standup, a dev mentions attaching a unique identifier to a payment request so that if the client retries it after a timeout, the server recognizes it as the same request rather than processing it twice. What is this identifier called?
An idempotency key is a unique identifier attached to a request so that if a client retries the same logical request, like after a network timeout, the server recognizes it as a duplicate of a request it already processed rather than executing the action a second time. This is especially critical for an action with a real side effect, like charging a payment, where processing the same request twice would cause a genuine, harmful duplication. The client generates and reuses the same key across retries of what's logically the same request.
2 / 5
During a design review, the team wants the server to store the result of a request tied to its idempotency key so a retried request can return that same cached result rather than reprocessing. Which capability supports this?
Idempotency key result caching stores the outcome of a request tied to its idempotency key, so a retried request with the same key returns that same previously computed result instead of reprocessing the action a second time. Reprocessing every retried request as though it were brand new is exactly what creates a duplicate side effect, like a duplicate charge. This caching is what actually delivers idempotent, safe-to-retry behavior rather than just detecting a duplicate without doing anything useful about it.
3 / 5
In a code review, a dev notices the server sets a reasonable expiration on stored idempotency keys rather than retaining them indefinitely. What does this represent?
An idempotency key expiration policy sets a reasonable time window after which a stored key and its cached result are no longer retained, since retries of a genuinely failed or timed-out request are only realistically expected within a limited window. Retaining every key indefinitely accumulates unnecessary storage over time with little practical benefit beyond that reasonable retry window. This expiration policy balances the reliability benefit of idempotency against the ongoing cost of storing that data forever.
4 / 5
An incident report shows a client accidentally reused the same idempotency key across two genuinely different requests, and the server incorrectly returned the first request's cached result for the second, unrelated request. What practice would prevent this?
Generating a fresh, unique idempotency key for each genuinely distinct logical request ensures the server can correctly tell apart a real retry of the same request from an entirely different one. Reusing the same key across unrelated requests causes the server to incorrectly treat them as duplicates of each other. This key-generation discipline on the client side is what makes the whole idempotency mechanism trustworthy rather than a source of incorrect cached responses.
5 / 5
During a PR review, a teammate asks why the team requires an idempotency key on this payment endpoint instead of just relying on the client to avoid sending a duplicate request. What is the reasoning?
A network failure can prevent a client from receiving a successful response even though the server actually completed the request, leading a well-intentioned client to retry a request that already succeeded. Relying solely on the client to avoid duplicates doesn't account for this genuinely ambiguous situation. A server-side idempotency key check protects against the duplicate side effect regardless of why the client ended up retrying. The tradeoff is the added implementation and storage complexity of tracking these keys and their results.