Duplicate control

Prevent duplicate work at every boundary.

Use webhook idempotency keys, stable client request identifiers, and retry-safe state machines so voice operations remain correct under provider retries and network failure.

Request API key Start building Endpoint guides Authentication Production readiness

Runtime APIBearer tenant keys

Admin APIx-admin-key

TelephonyTwilio signatures

SpecsOpenAPI 3.1

Where duplicate control applies

Outbound webhooks

Delivery idempotency

Webhook deliveries include X-Idempotency-Key. Consumers should store that value and ignore duplicate deliveries after a successful process.

Client requests

Application-level safety

For call creation and admin automation, protect retries in your application workflow before issuing a second command that could produce duplicate business action.

Webhook consumer pattern

const idempotencyKey = request.headers["x-idempotency-key"];

if (await events.hasProcessed(idempotencyKey)) {
  return response.status(200).send("duplicate ignored");
}

await processWebhookEvent(request.body);
await events.markProcessed(idempotencyKey);
return response.status(200).send("ok");

Retry-safe call workflow

Create an internal operation record before calling POST /api/v1/make-call.
Store the request body, tenant, target phone number, and intended agent.
Retry only while the operation is still unscheduled or definitively failed.
After a call identifier is returned, reconcile through call logs and voice sessions instead of creating another call.