Your backend often calls external APIs: payment (Stripe, Razorpay), email (SendGrid), cloud (AWS, Azure), or partner APIs. These can be slow, unreliable, or rate-limited. You must handle timeouts, retries, and idempotency so a retry does not double-charge or double-send. Never trust client input when building requests; validate and sanitize.

Use API keys or OAuth as required; store secrets in a secrets manager or env vars, never in code.

Idempotency: if the client or your code retries a request (e.g. after timeout), the external service might process it twice. Many payment and messaging APIs support idempotency keys: you send the same key on retry and they return the same result. Use them. For your own outbound calls, design so retries are safe (e.g. "create if not exists" or store idempotency key and skip duplicate).

Retries: use exponential backoff (wait 1s, 2s, 4s...) and a max attempts limit. Retry only on transient errors (5xx, timeout, connection error), not on 4xx (client error). Use circuit breaker (see resilience) to stop retrying when the service is clearly down.

Always set timeouts on outbound calls (e.g. 5–10 seconds). Without a timeout, a hung external service can block your thread or connection pool. Fail fast and return an error to the user or queue the job for retry.

Circuit breaker: after N failures, stop calling the service for a period (e.g. 30 seconds), then try again. Prevents cascading failure and gives the external service time to recover.

Many services use webhooks: they POST to your URL when an event happens (e.g. payment succeeded). Verify the request (e.g. signature or shared secret); process idempotently (same event ID might be sent twice); respond 200 quickly and do heavy work in a background job. If you take too long, the provider may retry and duplicate the event.