A card creation form that should be idempotent — submitting it twice with the same data must not create duplicate records. One endpoint is broken, one is protected. Find the difference.
An idempotent operation produces the same result no matter how many times it's repeated. In APIs this matters for retries — if a network timeout causes a client to re-submit a form, the server must not create duplicate records. Idempotency tokens are one common solution.
| Bug | Submit the form twice with the same name → 2 records created (no deduplication) |
| Correct | Submit with the same idempotency token twice → only 1 record created |
| Reset | Clear all state between test runs |
Create Card (Buggy) twice with the same name and count the resultsReset between test runs to clear state