ItemsService.createItemItemsPost({name: "Plumbus", price: 5})
```

...that's because the client generator uses the OpenAPI internal **operation ID** for each *path operation*.

OpenAPI requires that each operation ID is unique across all the *path operations*, so FastAPI uses the **function name**, the **path**, and the **HTTP method/operation** to generate that operation ID, because that way it can make sure that the operation IDs are unique.

This change fixes a [CSRF](https://en.wikipedia.org/wiki/Cross-site_request_forgery) security vulnerability when using cookies for authentication in path operations with JSON payloads sent by browsers.

The important thing to keep in mind is that the `sub` key should have a unique identifier across the entire application, and it should be a string.

## Check it

Run the server and go to the docs: <a href="http://127.0.0.1:8000/docs" class="external-link" target="_blank">http://127.0.0.1:8000/docs</a>.

You can use simple tools like `htop` to see the CPU and RAM used in your server or the amount used by each process. Or you can use more complex monitoring tools, which may be distributed across servers, etc.

## Recap

You have been reading here some of the main concepts that you would probably need to keep in mind when deciding how to deploy your application:

* Security - HTTPS
* Running on startup

* D'obtenir de nombreuses fonctionnalités supplémentaires (grâce à  Starlette) comme :
    * **WebSockets**
    * de tester le code très facilement avec `requests` et `pytest`
    * **<abbr title="Cross-Origin Resource Sharing">CORS</abbr>**
    * **Cookie Sessions**
    * ... et plus encore.

## Performance