How it works
- Generate a unique
Idempotency-Keyfor each distinct operation - Include it in the request header
- If you retry the same request with the same key, Bluum returns the original response instead of processing it again
When to use idempotency keys
| Operation | Required | Why |
|---|---|---|
| Deposits | Yes | Prevent duplicate fund transfers |
| Withdrawals | Yes | Prevent duplicate disbursements |
| Orders | Recommended | Prevent duplicate trades (use client_order_id as alternative) |
| Account creation | Optional | Account uniqueness is enforced by other means |
| Read operations (GET) | Not needed | GETs are naturally idempotent |
Generating keys
Use any unique string. Common approaches:Behavior
| Scenario | Result |
|---|---|
| First request with key | Processed normally, response stored |
| Retry with same key, same body | Original response returned (no reprocessing) |
| Retry with same key, different body | Error — key is already associated with a different request |
| Different key, same body | Processed as a new request (potential duplicate) |
Key expiration
Idempotency keys expire after 24 hours. After expiration, the same key can be reused for a new request.Best practices
- Generate a new key for each distinct operation — don’t reuse keys across different deposits or withdrawals
- Store the key alongside your local transaction record for debugging
- Use the key consistently across retries of the same operation
- Include the operation type in the key prefix for readability (
dep-,wdr-)