TIL
Idempotency keys stop duplicate charges
On a charge endpoint, a retry or a double click can turn one payment into two. The fix is an idempotency key. The caller sends a unique key with the request, and we store it the first time we see it, along with the result.
If the same key comes back later (a retry, a double click, a provider re-send), we do not charge again. We just return the result of the first call.
It keeps duplicate charges and duplicate rows from showing up when the network gets flaky or someone gets impatient and clicks twice. The key has to come from the caller and stay the same across retries, otherwise it does nothing.