[mercantile]

Exactly this. Multiple requests with the same idempotency key are still different requests, and you want to be able to track them independently.

Also worth noting that a header named 'Request-Id' is already a widespread convention. You'll see one back from many popular APIs like AWS or Stripe, and definitely want a name for the idempotency header that differentiates itself from that.

[vp8989]

They are 2 distinct concepts for sure, but if you also need to track each request independently then it would seem more robust to generate a separate Id for that from within the scope of your system. I don't think you would want to rely on a client to differentiate "physical" requests for you.

Maybe "Logical-Request-Identifier" and "Physical-Request-Identifier"?

[karmakaze]

On the surface this sounds about right, but how do we ensure that we only create one of these? Every layer will want to create a new id as not trusting the id given to it as 'new'. Having the actual client generate both is the simplest.