Idempotency key
Payment endpoints accept an optional Idempotency-Key header — a unique value
you generate for each request (UUID v4 recommended). If a request fails or
times out, retry it with the same key: the API returns the original response
instead of processing the charge again. If the original request is still
processing, the retry returns 409. Keys expire after 24 hours.
To prevent duplicate charges, we strongly recommend sending an
Idempotency-Key with every payment request.
curl -X POST https://api-payments-staging.highwirepayments.com/v1/payments/auth-and-capture \
-u "YOUR_API_KEY:YOUR_SECRET" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: 9f6a2c58-3d1e-4b7a-8c2f-5e1d4a9b0c3e" \
-d '{
"amount": 7200,
"cardNumber": "5555555555554444",
"cardExpiration": "1133",
"cardCvv": "456",
"cardholderName": "Mary Jo Verke",
"cardholderEmail": "maryoverke@gmail.com",
"cardholderPhone": "+14155550101",
"cardholderBillingAddress": "4944 Hollycrest Way",
"cardholderBillingZipcode": "95628",
"cardholderBillingCity": "Fair Oaks",
"cardholderBillingState": "CA"
}'Resend the exact request above — same key, same body — and you get the
original 201 back, not a second charge.
Retrying with the same key but a different body, and which endpoints accept the header, are covered per endpoint in the Payments reference.