Idempotency
How to use the X-Idempotency-Key header to safely retry requests without creating duplicate resources.
Idempotency
The Elebne Developer API supports idempotency keys on all write endpoints, allowing you to safely retry requests without creating duplicate resources.
How it works
- Include an
X-Idempotency-Keyheader with a unique string (e.g., a UUID) on your write request. - The API processes the request and caches the response for 24 hours.
- If you send the same request with the same idempotency key within 24 hours, the API returns the cached response without re-executing the operation.
curl -X POST https://api.elebne.ai/api/v1/dev/intents \
-H "Authorization: Bearer sk_test_YOUR_KEY" \
-H "X-Idempotency-Key: 550e8400-e29b-41d4-a716-446655440000" \
-H "Content-Type: application/json" \
-d '{"amount": 50000, "description": "Order #1234"}'Which endpoints require it
All write endpoints (POST, PATCH, DELETE) require the X-Idempotency-Key header. Requests without it return a 400 error with code IDEMPOTENCY_KEY_REQUIRED.
| Endpoint | Required |
|---|---|
POST /dev/intents | Yes |
POST /dev/intents/:ref/cancel | Yes |
POST /dev/intents/:ref/refund | Yes |
POST /dev/intents/:ref/simulate-payment | Yes |
POST /dev/store/products | Yes |
PUT /dev/store/products/:id | Yes |
DELETE /dev/store/products/:id | Yes |
PATCH /dev/store/products/:id/variants/:vid/stock | Yes |
POST /dev/store/products/import-csv | Yes |
POST /dev/webhooks/endpoints | Yes |
PUT /dev/webhooks/endpoints/:id | Yes |
DELETE /dev/webhooks/endpoints/:id | Yes |
POST /dev/webhooks/endpoints/:id/test | Yes |
GET endpoints | No (read-only) |
Key format
Idempotency keys can be any string up to 255 characters. We recommend using UUIDs (v4):
import { randomUUID } from 'crypto';
const idempotencyKey = randomUUID();
// "550e8400-e29b-41d4-a716-446655440000"import uuid
idempotency_key = str(uuid.uuid4())
# "550e8400-e29b-41d4-a716-446655440000"TTL and expiration
Idempotency keys expire after 24 hours. After expiration:
- The same key can be reused with different parameters.
- The original cached response is no longer returned.
Matching behavior
The API matches on the combination of:
- API key (your
sk_test_orsk_live_key) - Idempotency key (the
X-Idempotency-Keyheader value) - Endpoint (the HTTP method and path)
If you send the same idempotency key to a different endpoint, it is treated as a new request.
Do not reuse keys across different requests
Sending the same idempotency key with different request parameters (e.g., different amounts) within the 24-hour TTL returns the original cached response, not a new one. Always generate a new key for each unique operation.
Retry safety
Idempotency keys make it safe to retry requests on network errors:
async function createIntent(amount, description) {
const key = randomUUID();
for (let attempt = 0; attempt < 3; attempt++) {
try {
const res = await fetch('https://api.elebne.ai/api/v1/dev/intents', {
method: 'POST',
headers: {
'Authorization': `Bearer ${apiKey}`,
'Content-Type': 'application/json',
'X-Idempotency-Key': key, // Same key for all retries
},
body: JSON.stringify({ amount, description }),
});
return await res.json();
} catch (err) {
if (attempt === 2) throw err;
await new Promise(r => setTimeout(r, 1000 * (attempt + 1)));
}
}
}The key insight: use the same idempotency key for all retry attempts of the same operation. This ensures at most one payment intent is created, even if your first request succeeded but the response was lost.
Next steps
- Error Codes --
IDEMPOTENCY_KEY_REQUIREDerror details - Rate Limits -- retry behavior with rate limits
- Common Patterns -- required headers overview
Was this page helpful?