[httpapi] Header for idempotency
Sanjay Dalal <sanjay.dalal@cal.berkeley.edu> Tue, 25 May 2021 05:11 UTC
Return-Path: <sanjay.dalal@gmail.com>
X-Original-To: httpapi@ietfa.amsl.com
Delivered-To: httpapi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C24673A13F7 for <httpapi@ietfa.amsl.com>; Mon, 24 May 2021 22:11:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.8
X-Spam-Level:
X-Spam-Status: No, score=-0.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.248, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_SBL=0.5, URIBL_SBL_A=0.1] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cal-berkeley-edu.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YXdZiSPZEhwX for <httpapi@ietfa.amsl.com>; Mon, 24 May 2021 22:11:30 -0700 (PDT)
Received: from mail-lf1-x12b.google.com (mail-lf1-x12b.google.com [IPv6:2a00:1450:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 597BD3A13F6 for <httpapi@ietf.org>; Mon, 24 May 2021 22:11:30 -0700 (PDT)
Received: by mail-lf1-x12b.google.com with SMTP id b26so27959542lfq.4 for <httpapi@ietf.org>; Mon, 24 May 2021 22:11:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cal-berkeley-edu.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to:cc; bh=Lkj4hll2t45HDwYymo+II2W5in/4820/xXs5ZHLmEhw=; b=LQReEdXvOwCnbyU/Ats22/ykWXmZWSELpFHf2xwgfz9VJtCBkiCFjUZz+6ppaIduGB 0QUiBxTE8VCJdirk2VlKpFm58p5ZWIJGJIEKF09XirgSs08Bap/nyqB4Srscwn4zFrIk nZCrzWci930D7KSLVqAKh7M049Gq+94U2bHwZS9oV4yyw4yCxFKx7yNYl6aa0KvzydVK E/mrLIRPOyuV/mzbD7B1lZhocGKfAAod6KhupEmHEhUNGrQlhbTY7TAH6CpRhaqR6VLq BrJ+wTPDSE2TZZgqBCrxKEkk4as3DDsgZgIttvWOWsO4dZHB4ss2MpYrorX/avU0rCeX vzxQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=Lkj4hll2t45HDwYymo+II2W5in/4820/xXs5ZHLmEhw=; b=bzkGCWpSyFYmRJj4t1pz6bWxb51IWCOXgvk+jmutG2DEA398B+dwWMuGiaitvldchp ezuwYdU37LS3CCPLLdtELZkv1ofV87G+1DWZS3ZmtFHwBpk7ptP1KQVq9srel2xxPGgh mxldjT1GFmodlV9edAEnL6TuqaynItS8nvOJ65L/cEuFRUmvyJNn//QmRwCBf25oZ4EH /cH5z34+I9oONp1cSK3eJXB05jeAo8ZOR/NsYfoqnQONN2xQGtibFpo6wrP61e2vtbHt Lvh/IZ9i9ok1g2i+lfcWqzjUbkn3xqnoF4lyKLfaV00kP5dOEZa2YHd4qbZJNDYr+6Oy u9vQ==
X-Gm-Message-State: AOAM5325EdBkTDIB6LFqZzggMh0hlRhfZz9J5g/pY4yWIZ7D1YfIkCRJ J208hCcneblhKhBJyyKjCRfu/xOGOvD6l5Iomu2+fttRwmI=
X-Google-Smtp-Source: ABdhPJwEXotJuprvL4aGjMS9ZU+EhS//tZ1BUtJycmnrUfeTA5vCEGXeyVr66hsfkR61Je9TrWE3zoYHdUuPOO60S1c=
X-Received: by 2002:a05:6512:1318:: with SMTP id x24mr12483798lfu.53.1621919487290; Mon, 24 May 2021 22:11:27 -0700 (PDT)
MIME-Version: 1.0
From: Sanjay Dalal <sanjay.dalal@cal.berkeley.edu>
Date: Mon, 24 May 2021 22:11:16 -0700
Message-ID: <CAC5fHGN_GbQo9fPm=f82QoqfVv7vtt6DNL0kE2FWXzJ_pFHxrQ@mail.gmail.com>
To: httpapi@ietf.org
Cc: Jayadeba Jena <jjena@paypal.com>
Content-Type: multipart/alternative; boundary="000000000000e4f34d05c3208e99"
Archived-At: <https://mailarchive.ietf.org/arch/msg/httpapi/bjq47cyduUOV9kL2fPd2SpR8K4E>
Subject: [httpapi] Header for idempotency
X-BeenThere: httpapi@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Building Blocks for HTTP APIs <httpapi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/httpapi>, <mailto:httpapi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/httpapi/>
List-Post: <mailto:httpapi@ietf.org>
List-Help: <mailto:httpapi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/httpapi>, <mailto:httpapi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 May 2021 05:11:36 -0000
Hello all, Jayadeba and I would like to submit a draft for The Idempotency HTTP Header Field <https://datatracker.ietf.org/doc/html/draft-idempotency-header-01> to this working group for further consideration. We have listed below some organizations using this header. Many of these were already using the header before we wrote the draft. Many are using the concept in their APIs but differently (listed below as well). Predominantly this header is used by fintech companies and financial orgs but we have found usage elsewhere too including in Django and https.org (HTTP for Scala). Let us know how we can proceed. See the abstract and implementation status below. thanks, sanjay https://datatracker.ietf.org/doc/html/draft-idempotency-header-01 *Abstract* The HTTP Idempotency request header field can be used to carry idempotency key in order to make non-idempotent HTTP methods such as POST or PATCH fault-tolerant. *Implementation Status* Organization: Stripe o Description: Stripe uses custom HTTP header named "Idempotency- Key" o Reference: https://stripe.com/docs/idempotency Organization: Adyen o Description: Adyen uses custom HTTP header named "Idempotency-Key" o Reference: https://docs.adyen.com/development-resources/api- idempotency/ Organization: Dwolla o Description: Dwolla uses custom HTTP header named "Idempotency- Key" o Reference: https://docs.dwolla.com/ Organization: Interledger o Description: Interledger uses custom HTTP header named "Idempotency-Key" o Reference: https://github.com/interledger/ Organization: WorldPay o Description: WorldPay uses custom HTTP header named "Idempotency- Key" o Reference: https://developer.worldpay.com/docs/wpg/idempotency Organization: Yandex o Description: Yandex uses custom HTTP header named "Idempotency- Key" o Reference: https://cloud.yandex.com/docs/api-design- guide/concepts/idempotency *Implementing the Concept* This is a list of implementations that implement the general concept, but do so using different mechanisms: Organization: Django o Description: Django uses custom HTTP header named "HTTP_IDEMPOTENCY_KEY" o Reference: https://pypi.org/project/django-idempotency-key Organization: Twilio o Description: Twilio uses custom HTTP header named "I-Twilio- Idempotency-Token" in webhooks o Reference: https://www.twilio.com/docs/usage/webhooks/webhooks- connection-overrides Organization: PayPal o Description: PayPal uses custom HTTP header named "PayPal-Request- Id" o Reference: https://developer.paypal.com/docs/business/develop/ idempotency Organization: RazorPay o Description: RazorPay uses custom HTTP header named "X-Payout- Idempotency" o Reference: https://razorpay.com/docs/razorpayx/api/idempotency/ Organization: OpenBanking o Description: OpenBanking uses custom HTTP header called "x- idempotency-key" o Reference: https://openbankinguk.github.io/read-write-api- site3/v3.1.6/profiles/read-write-data-api-profile.html#request- headers Organization: Square o Description: To make an idempotent API call, Square recommends adding a property named "idempotency_key" with a unique value in the request body. o Reference: https://developer.squareup.com/docs/build-basics/using- rest-api Organization: Google Standard Payments o Description: Google Standard Payments API uses a property named "requestId" in request body in order to provider idempotency in various use cases. o Reference: https://developers.google.com/standard-payments/ payment-processor-service-api/rest/v1/TopLevel/capture Organization: BBVA o Description: BBVA Open Platform uses custom HTTP header called "X- Unique-Transaction-ID" o Reference: https://bbvaopenplatform.com/apiReference/APIbasics/content/x- unique-transaction-id Organization: WebEngage o Description: WebEngage uses custom HTTP header called "x-request- id" to identify webhook POST requests uniquely to achieve events idempotency. o Reference: https://docs.webengage.com/docs/webhooks
- [httpapi] Header for idempotency Sanjay Dalal
- Re: [httpapi] Header for idempotency Martin J. Dürst
- Re: [httpapi] Header for idempotency Sanjay Dalal
- Re: [httpapi] Header for idempotency Mark Nottingham
- Re: [httpapi] Header for idempotency Erik Wilde
- Re: [httpapi] Header for idempotency Darrel Miller