Reach new audiences and convert more users by easily and safely connecting to their financial data, understanding their behavior and enabling instant payments with open finance. Through our API, you can access:
Belvo is an open banking API for Latin America that allows companies to access banking and fiscal information in a secure as well as agile way.
Through our API, you can access:
You can also use our API to make payments in:
If you woud like the response documentation in Excel or CSV form, please download them from our public GitHub Reposiitory: Belvo Open Finance Data Dictionaries.
Our EXCEL and CSV files are additionally localized into Spanish and Portuguese (Brazil).
Available for:
Use our Sandbox environment to build your integration. We offer dummy data that mimics that of real-world use cases, which means you can test out all the endpoints, use the widget, and implement webhooks - just as you would with real-world data!
All you need to get started with the Sandbox environment is to get your API keys. We really recommend that you start creating your integration in this environment.
Available for:
After you have tested your integration in the Sandbox environment and are ready to go live, you'll need to request access to our Production environment. After you request access, our Sales Team will get in contact with you to schedule a meeting just to ensure your needs are met, and then you'll just need to go through a certification process with one of our engineers to make sure that your integration is running optimally. To prepare for the certification meeting, just follow our Integration checklist.
Once your integration is certified, all you'll need to do is:
sandbox.belvo.com to api.belvo.com.We use the following HTTP status code in the response depending on the success or failure:
| Status Code | Description |
|---|---|
200 | ✅ Success - The content is available in the response body. |
201 | ✅ Success - The content was created successfully on Belvo. |
204 | ✅ Success - No content to return. |
400 | ❌ Bad Request Error - Request returned an error, detail in the content. |
401 | ❌ Unauthorized - The Belvo credentials provided are not valid. |
404 | ❌ Not Found - The resource you try to access cannot be found. |
405 | ❌ Method Not Allowed - The HTTP method you are using is not accepted for this resource. |
408 | ❌ Request Timeout - The request timed out and was terminated by the server. |
428 | ❌ MFA Token Required - MFA token was required by the institution to connect. |
500 | ❌ Internal Server Error - The detail of the error is available in the response body. |
Belvo API errors are returned in JSON format. For example, an error might look like this:
[
{
"request_id": "a6e1c493d7a29d91aed4338e6fcf077d",
"message": "This field is required.",
"code": "required",
"field": "link"
}
]Typically, an error response will have the following parameters:
request_id: a unique ID for the request, you should share it with the Belvo support team for investigations.message: human-readable description of the error.code: a unique code for the error. Check the table below to see how to handle each error code.field (optional): The specific field in the request body that has an issue.When you need help with a specific error, include the request identifier (request_id) in your message to the Belvo support team. This will speed up investigations and get you back up and running in no time at all.
For a full list of errors and how to troubleshoot them, please see our dedicated Error Handling article.
Implement an automated exponential backoff of up to five retries. We recommend using a base interval of three seconds with a factor of two. For example, the first retry should be after three seconds, the second retry after six seconds (2 * 3), the third retry after 12 seconds (2 * 6), the fourth retry after 24 seconds (2 * 12), and the fifth retry after 48 seconds (2 * 24).
You should not retry making requests if you receive a 40x response, as this is a client error.
The only exception is the “Too Many Sessions” error, as it means that your end-user is accessing the account from another browser at the same time. In this case, please implement the same retry policy as with 50x errors.
In our schema, you may see that a field has been marked as deprecated. This means that this field is no longer maintained by the Belvo team. You may still receive data for this field depending on the institution, however, you should not rely on this field.
In our API specification, you'll see that some response parameters will have a required annotation. According to the OpenAPI specification, when a response parameter is marked as required, this means that the response key must be returned. However, the value of that response parameter can be null.
📘 Info
In short, any response parameter marked as required will be returned by our API, but the value can be set to null.
An institution is an entity that Belvo can access information from. It can be a:
You can see a complete list of institutions by either consulting our Institutions article or making a List request to this endpoint.
With the List Links method, you can:
link.id (using the id query parameter).This method returns a paginated response (default: 100 items per page). You can use the page_size query parameter to increase the number of items returned to a maximum of 1000 items. You can use the page query parameter to navigate through the results. For more details on how to navigate Belvo's paginated responses, see our Pagination Tips article.
Please see the query list below for a list of fields that you can filter your responses by. For more information on how to use filters, see our Filtering responses article.
Indicates how many results to return per page. By default we return 100 results per page.
ℹ️ The minimum number of results returned per page is 1 and the maximum is 1000. If you enter a value greater than 1000, our API will default to the maximum value (1000).
Omit certain fields from being returned in the response. For more information, see our Filtering responses DevPortal article.
Return only the specified fields in the response. For more information, see our Filtering responses DevPortal article.
Return information only for this resource id.
Return information for these resource ids.
Return results only for this institution (use the Belvo-designated name, such as planet_mx_employment).
Return results only for these institutions (use the Belvo-designated names, such as ofmockbank_br_retail and planet_mx_employment).
Return links only with this access mode. Can be either single or recurrent.
Return items that were last updated in Belvo's database on this date (in YYYY-MM-DD format).
Return items that were last updated in Belvo's database after this date (in YYYY-MM-DD format).
Return items that were last updated in Belvo's database after or on this date (in YYYY-MM-DD format).
Return items that were last updated in Belvo's database before this date (in YYYY-MM-DD format).
Return items that were last updated in Belvo's database before or on this date (in YYYY-MM-DD format).
Return accounts that were last updated in Belvo's database between two dates (in YYYY-MM-DD format).
Return links that were not created by these Belvo users.
Return links with this external ID.
Return links with these external IDs.
Return links with this specific institution user ID.
Return links with these institution user IDs.
Return links with this refresh rate. Choose between 6h, 12h, 24h, 7d, 30d, or null (for single links).
Return links with this status. Choose between valid, invalid, unconfirmed, or token_required.
curl -i -X GET \
-u <username>:<password> \
'https://developers.belvo.com/_mock/apis/belvoopenapispec/api/links/?access_mode=single&created_at=2022-05-05&created_at__gt=2022-05-05&created_at__gte=2022-05-04&created_at__lt=2022-04-01&created_at__lte=2022-03-30&created_at__range=2022-03-03&created_by__not_in=d9475f4d-c511-4732-9ef0-93b5672f43d3&external_id=InternalUser4000&external_id__in=InternalUser4001&fields=string&id=24ccab1d-3a86-4136-a6eb-e04bf52b356f&id__in=6b3dea0f-be29-49d1-aabe-1a6d588642e6&institution=planet_mx_retail&institution__in=planet_mx_retail&institution_user_id=ezFoxjPDr7YnASnOaft5F3zt7D0kurgDNlLtZFjxUo0%3D&institution_user_id__in=ezFoxjPDr7YnASnOaft5F3zt7D0kurgDNlLtZFjxUo0%3D&omit=string&page=1&page_size=100&refresh_rate=24h&status=invalid&status__in=invalid'Ok
The URL to next page of results. Each page consists of up to 100 items. If there are not enough results for an additional page, the value is null.
In our documentation example, we use {endpoint} as a placeholder value. In production, this value will be replaced by the actual endpoint you are currently using (for example, accounts or owners).
The URL to the previous page of results. If there is no previous page, the value is null.
{ "count": 130, "next": "https://sandbox.belvo.com/api/{endpoint}/?link=1bd948f7-245d-4313-b604-34d1044cb908page=2", "previous": null, "results": [ { … } ] }
Register a new link (a connection between your user and their institution) using the Belvo API.
👍 We really recommend using our Connect Widget to handle link creation and link status updates.
To make things easier, we've included custom examples for the links you can create for each of our products. Just click on the type of link you want to create in the Body Params section below.
The request body to create a link for employment institutions in Brazil.
The Belvo name for the institution. For employment institutions in Brazil, you can select the following institutions:
inss_br_employmentThe user's CPF (ID) used to log in to the institution. You can provide this either as 11 characters or with the format XXX.XXX.XXX-XX.
The user's password used to log in to the institution.
An additional identifier for the link, provided by you, to store in the Belvo database. Cannot include any Personal Identifiable Information (PII). Must be at least three characters long.
If we identify that the identifier contains PII, we will force a null value. For more information, see our Link creation article.
The type of link to create.
single to do ad hoc one-time POST requests for accounts, owners, and transactions.recurrent to have Belvo access information on a recurrent basis so you always have fresh account, owner, balance, and transaction data.For more information, see our Links article.
An array of resources that you would like to receive a historical update for.
For employment institutions, you can select the following resources:
OWNERSEMPLOYMENTSIndicates whether or not to store credentials (and the duration for which to store the credentials).
store by default (and cannot be changed).365d by default.Choose either:
store to store credentials (until the link is deleted)nostore to not store credentials1d and 365d to indicate the number of days you want the credentials to be stored.For more information, check out the credentials_storage section of our Data retention controls article.
Indicates how long any user-derived data should be stored in Belvo's database for the link (both single and recurrent). For example, if you send through 90d, Belvo will remove any data from its database relating to the user after 90 days. For more information, check out the stale_in section of our Data retention controls article.
📘 Info
Belvo will only remove data for links that have not been updated in the period you provide in
stale_in. Belvo will only remove data for links that have not been updated in the period you provide instale_in.
By default Belvo stores user data for 365 days, unless the link is deleted.
curl -i -X POST \
-u <username>:<password> \
https://developers.belvo.com/_mock/apis/belvoopenapispec/api/links/ \
-H 'Content-Type: application/json' \
-d '{
"institution": "inss_br_employment",
"username": "231.002.999-00",
"password": "1234B789C234AGH",
"external_id": "56ab5706-6e00-48a4-91c9-ca55968678d9",
"access_mode": "single",
"fetch_resources": [
"OWNERS",
"EMPLOYMENTS"
],
"credentials_storage": "27d",
"stale_in": "42d"
}'Created
Belvo's unique identifier for the current item.
The link type. For more information, see our Links article. We return one of the following enum values:
singlerecurrentnullThe ISO-8601 timestamp of Belvo's most recent successful access to the institution for the given link.
The ISO-8601 timestamp of when the data point was created in Belvo's database.
An additional identifier for the link, provided by you, to store in the Belvo database. Cannot include any Personal Identifiable Information (PII). Must be at least three characters long.
If we identify that the identifier contains PII, we will force a null value. For more information, see our Link creation article.
📘 Info
Only applicable for links created after 08-02-2022.
A unique 44-character string that can be used to identify a user at a given institution.
📚 Check out our Avoiding duplicated links DevPortal article for more information and tips on how to use it.
The current status of the link. For more information, see our Link article in the devportal. We return one of the following values:
validinvalidunconfirmedtoken_requiredThe unique ID for the user that created this item.
The update refresh rate for the recurrent link. For more information, check out our recurrent link documentation in our DevPortal. We return one of the following enum values:
6h12h24h7d (default)30d (once a month)null (for single links)Indicates whether or not to store credentials (and the duration for which to store the credentials).
store by default (and cannot be changed).365d by default.Choose either:
store to store credentials (until the link is deleted)nostore to not store credentials1d and 365d to indicate the number of days you want the credentials to be stored.For more information, check out the credentials_storage section of our Data retention controls article.
An array of resources that you will receive a historical update for.
Indicates how long any user-derived data should be stored in Belvo's database for the link (both single and recurrent). For example, if you send through 90d, Belvo will remove any data from its database relating to the user after 90 days. For more information, check out the stale_in section of our Data retention controls article.
📘 Info
Belvo will only remove data for links that have not been updated in the period you provide in
stale_in. Belvo will only remove data for links that have not been updated in the period you provide instale_in.
By default Belvo stores user data for 365 days, unless the link is deleted.
{ "id": "0d3ffb69-f83b-456e-ad8e-208d0998d71d", "institution": "erebor_mx_retail", "access_mode": "recurrent", "last_accessed_at": "2021-03-09T10:28:40.000Z", "created_at": "2022-02-09T08:45:50.406032Z", "external_id": "56ab5706-6e00-48a4-91c9-ca55968678d9", "institution_user_id": "sooE7XJWEKypZJR603ecaWYk-8Ap0oD8Nr1pBQ4eG9c=", "status": "valid", "created_by": "bcef7f35-67f2-4b19-b009-cb38795faf09", "refresh_rate": "7d", "credentials_storage": "27d", "fetch_resources": [ "ACCOUNTS", "TRANSACTIONS" ], "stale_in": "42d" }
The session you want to resume. You need to use the session value that is provided in the 428 Token Required response that you receive after you make your POST request.
The MFA token generated by the institution which is required to continue a session.
The link.id you want to resume. Must be the same link.id as the one you receive in the 428 Token Required response that contains the session ID.
curl -i -X PATCH \
-u <username>:<password> \
https://developers.belvo.com/_mock/apis/belvoopenapispec/api/links/ \
-H 'Content-Type: application/json' \
-d '{
"session": "6e7b283c6efa449c9c028a16b5c249fa",
"token": "1234ab",
"link": "683005d6-f45c-4adb-b289-f1a12f50f80c",
"save_data": true
}'Ok
Belvo's unique identifier for the current item.
The link type. For more information, see our Links article. We return one of the following enum values:
singlerecurrentnullThe ISO-8601 timestamp of Belvo's most recent successful access to the institution for the given link.
The ISO-8601 timestamp of when the data point was created in Belvo's database.
An additional identifier for the link, provided by you, to store in the Belvo database. Cannot include any Personal Identifiable Information (PII). Must be at least three characters long.
If we identify that the identifier contains PII, we will force a null value. For more information, see our Link creation article.
📘 Info
Only applicable for links created after 08-02-2022.
A unique 44-character string that can be used to identify a user at a given institution.
📚 Check out our Avoiding duplicated links DevPortal article for more information and tips on how to use it.
The current status of the link. For more information, see our Link article in the devportal. We return one of the following values:
validinvalidunconfirmedtoken_requiredThe unique ID for the user that created this item.
The update refresh rate for the recurrent link. For more information, check out our recurrent link documentation in our DevPortal. We return one of the following enum values:
6h12h24h7d (default)30d (once a month)null (for single links)Indicates whether or not to store credentials (and the duration for which to store the credentials).
store by default (and cannot be changed).365d by default.Choose either:
store to store credentials (until the link is deleted)nostore to not store credentials1d and 365d to indicate the number of days you want the credentials to be stored.For more information, check out the credentials_storage section of our Data retention controls article.
An array of resources that you will receive a historical update for.
Indicates how long any user-derived data should be stored in Belvo's database for the link (both single and recurrent). For example, if you send through 90d, Belvo will remove any data from its database relating to the user after 90 days. For more information, check out the stale_in section of our Data retention controls article.
📘 Info
Belvo will only remove data for links that have not been updated in the period you provide in
stale_in. Belvo will only remove data for links that have not been updated in the period you provide instale_in.
By default Belvo stores user data for 365 days, unless the link is deleted.
{ "id": "0d3ffb69-f83b-456e-ad8e-208d0998d71d", "institution": "erebor_mx_retail", "access_mode": "recurrent", "last_accessed_at": "2021-03-09T10:28:40.000Z", "created_at": "2022-02-09T08:45:50.406032Z", "external_id": "56ab5706-6e00-48a4-91c9-ca55968678d9", "institution_user_id": "sooE7XJWEKypZJR603ecaWYk-8Ap0oD8Nr1pBQ4eG9c=", "status": "valid", "created_by": "bcef7f35-67f2-4b19-b009-cb38795faf09", "refresh_rate": "7d", "credentials_storage": "27d", "fetch_resources": [ "ACCOUNTS", "TRANSACTIONS" ], "stale_in": "42d" }
An owner represents the person who has access to a Link and is the owner of all the accounts inside the Link.
You can use this endpoint in order to get useful information about your client, such as:
An account is the representation of a bank account inside a financial institution. A user can have one or more accounts in an institution.
For example, one user (or link) can have a checking account, several credit cards, and a loan account.
Querying for a user's account information is useful as you can get information regarding:
Our employments resource for Brazil lets you get a comprehensive view of your user's current employment history and salary information.
For each user, we return the:
At the moment, the employments resource is available for:
Our employment records resource for Mexico lets you get a comprehensive view of your user’s current social security contributions and employment history.
With Belvo's employment records resource for Mexico, you can access information about your user's current social security contributions and employment history. For the each user, we return the:
At the moment, the employment records resource is available for:
Belvo's Recurring Expenses API allows you to identify a user's regular payments for subscription services, such as Netflix or gym memberships, as well as utility payments, such as electricity or phone bills. We return information for up to 365 days.
📘 Info
The recurring expenses resource is only available for Checking, Savings and Credit Card accounts associated with banking links.
To receive inflow payments to your organization's bank account, you must register the bank accounts (individual and business) using Belvo's Payments API.
A payment intent is a single point of access to create payments using any payment method offered by Belvo.
A payment intent captures all payment information (such as the amount to be charged, the description of the payment, the provider, and so on) and guides your customers through the payment flow.
Note: For institutions that require the
username_typein theform_fieldsarray, you must send through this value in your PATCH request.