Accept a client-supplied Idempotency-Key header on create/payment endpoints so retried requests do not create duplicate resources.
Why This Matters
Without idempotency keys, network retries on POST silently duplicate orders, charges, or records, causing data and financial integrity issues.
Related Rules
Catch this automatically on every PR
BeforeMerge scans your pull requests against this rule and dozens more. Get actionable feedback before code ships.