Idempotency

Some of our HTTP POST API endpoints support idempotency to allow safe retries without unintentionally attempting an operation multiple times. This is useful when the API call is disrupted in transit and a response is not received.

Supported Endpoints

We support idempotency for the following endpoints:

We may add idempotency support for more endpoints in the future, depending on the needs of our users.

Implementation and Details

To perform an idempotent request, provide an additional Idempotency-Key: <key> header to the request.

PaySG idempotency key works by saving the resulting status code and body of the first request made for any given idempotency key, regardless of whether it succeeded or failed. Subsequent requests with the same key return the same result, including 500 errors.

An idempotency key is a unique value generated by the client which the server uses to recognize subsequent retries of the same request. How you create unique keys is up to you, but we suggest using V4 UUIDs, or another random string with enough entropy to avoid collisions. Idempotency keys can be up to 255 characters long.

Keys are eligible to be removed from the system automatically after they are at least 24 hours old, and a new request is generated if a key is reused after the original has been pruned. The idempotency layer compares incoming parameters to those of the original request and errors unless they're the same to prevent accidental misuse.

Results are only saved if an API endpoint started executing. If incoming parameters failed validation, or the request conflicted with another that was executing concurrently, no idempotent result is saved because no API endpoint began execution based on the current request. It is safe to retry these requests.