Idempotent Requests

Safely retry POST requests

The Fintoc API supports idempotency for safely retrying requests without accidentally performing the same operation twice. This might very useful when creating Charges, Payment Intents, Outbound Transfers or any other resource that you want to avoid creating twice because of networking problems.

If a connection error occurs when creating an object along with an idempotency key, you can safely repeat the request without risk of creating a second object.

To perform an idempotent request, provide an additional Idempotency-Key: <idempotency-key-value> header to the request.

An idempotency key is a unique value generated by the client which the server uses to recognize subsequent retries of the same request. How you create unique keys is up to you, but we suggest using V4 UUIDs, or another random string with enough entropy to avoid collisions. Idempotency keys can be up to 255 characters long.

Fintoc's idempotency works by saving the resulting status code and body of the first request made for any given idempotency key, regardless of whether it succeeded or failed. Subsequent requests with the same key return the same result, including 400/500 errors.

📘

Authentication needed

If incoming request failed authentication, no idempotent result is saved because no API endpoint began execution.

The idempotency layer compares incoming parameters to those of the original request and raises an error unless they're the same to prevent accidental misuse.

Keys are eligible to be removed from the system automatically after they're at least 24 hours old, and a new request is generated if a key is reused after the original has been pruned.

All POST requests accept idempotency keys. Sending idempotency keys in GET and DELETE requests has no effect, as these requests are idempotent by definition.

Below you can see an example of creating a charge that allows to retry the request avoiding any risk to duplicate the charge.

curl --request POST "https://api.fintoc.com/v1/charges" \
-- header 'Authorization: sk_live_0000000000000000' \
-- header 'Content-Type: application/json' \
-- header 'Idempotency-Key: 31a0dd22-38e4-4392-81e1-aa3a2018b48d' \
--data-raw '{
  "subscription_id": "sub_000000",
  "amount": 10000,
  "currency": "clp",
  "metadata": {}
}'