URL
Need help?
Reach new audiences and convert more users by easily and safely connecting to their financial data, understanding their behavior and enabling instant payments with open finance. Through our API, you can access:
Belvo is an open banking API for Latin America that allows companies to access banking and fiscal information in a secure as well as agile way.
Through our API, you can access:
You can also use our API to make payments in:
If you woud like the response documentation in Excel or CSV form, please download them from our public GitHub Reposiitory: Belvo Open Finance Data Dictionaries.
Our EXCEL and CSV files are additionally localized into Spanish and Portuguese (Brazil).
Available for:
Use our Sandbox environment to build your integration. We offer dummy data that mimics that of real-world use cases, which means you can test out all the endpoints, use the widget, and implement webhooks - just as you would with real-world data!
All you need to get started with the Sandbox environment is to get your API keys. We really recommend that you start creating your integration in this environment.
Available for:
After you have tested your integration in the Sandbox environment and are ready to go live, you'll need to request access to our Production environment. After you request access, our Sales Team will get in contact with you to schedule a meeting just to ensure your needs are met, and then you'll just need to go through a certification process with one of our engineers to make sure that your integration is running optimally. To prepare for the certification meeting, just follow our Integration checklist.
Once your integration is certified, all you'll need to do is:
sandbox.belvo.com to api.belvo.com.We use the following HTTP status code in the response depending on the success or failure:
| Status Code | Description |
|---|---|
200 | ✅ Success - The content is available in the response body. |
201 | ✅ Success - The content was created successfully on Belvo. |
204 | ✅ Success - No content to return. |
400 | ❌ Bad Request Error - Request returned an error, detail in the content. |
401 | ❌ Unauthorized - The Belvo credentials provided are not valid. |
404 | ❌ Not Found - The resource you try to access cannot be found. |
405 | ❌ Method Not Allowed - The HTTP method you are using is not accepted for this resource. |
408 | ❌ Request Timeout - The request timed out and was terminated by the server. |
428 | ❌ MFA Token Required - MFA token was required by the institution to connect. |
500 | ❌ Internal Server Error - The detail of the error is available in the response body. |
Belvo API errors are returned in JSON format. For example, an error might look like this:
[
{
"request_id": "a6e1c493d7a29d91aed4338e6fcf077d",
"message": "This field is required.",
"code": "required",
"field": "link"
}
]Typically, an error response will have the following parameters:
request_id: a unique ID for the request, you should share it with the Belvo support team for investigations.message: human-readable description of the error.code: a unique code for the error. Check the table below to see how to handle each error code.field (optional): The specific field in the request body that has an issue.When you need help with a specific error, include the request identifier (request_id) in your message to the Belvo support team. This will speed up investigations and get you back up and running in no time at all.
For a full list of errors and how to troubleshoot them, please see our dedicated Error Handling article.
Implement an automated exponential backoff of up to five retries. We recommend using a base interval of three seconds with a factor of two. For example, the first retry should be after three seconds, the second retry after six seconds (2 * 3), the third retry after 12 seconds (2 * 6), the fourth retry after 24 seconds (2 * 12), and the fifth retry after 48 seconds (2 * 24).
You should not retry making requests if you receive a 40x response, as this is a client error.
The only exception is the “Too Many Sessions” error, as it means that your end-user is accessing the account from another browser at the same time. In this case, please implement the same retry policy as with 50x errors.
In our schema, you may see that a field has been marked as deprecated. This means that this field is no longer maintained by the Belvo team. You may still receive data for this field depending on the institution, however, you should not rely on this field.
In our API specification, you'll see that some response parameters will have a required annotation. According to the OpenAPI specification, when a response parameter is marked as required, this means that the response key must be returned. However, the value of that response parameter can be null.
📘 Info
In short, any response parameter marked as required will be returned by our API, but the value can be set to null.
https://developers.belvo.com/_mock/apis/belvoopenapispec/
https://sandbox.belvo.com/
An institution is an entity that Belvo can access information from. It can be a:
The scopes parameter contains a list of permissions that allow your to create a link for the user. This is a required parameter and must be sent exactly as shown.
Indicates how long any user-derived data should be stored in Belvo's database for the link (both single and recurrent). For example, if you send through 90d, Belvo will remove any data from its database relating to the user after 90 days. For more information, check out the stale_in section of our Data retention controls article.
📘 Info
Belvo will only remove data for links that have not been updated in the period you provide in
stale_in. Belvo will only remove data for links that have not been updated in the period you provide instale_in.
By default Belvo stores user data for 365 days, unless the link is deleted.
An array of resources that you would like to receive a historical update for.
For banking institutions, you can select the following resources:
ACCOUNTSOWNERSTRANSACTIONSBILLS (only for Brazil OFDA institutions)INCOMESRECURRING_EXPENSESRISK_INSIGHTSThe widget object contains additional information about how to set up the widget, including custom branding, your terms and conditions, callback URLs, and information about the user you want to extract data for.
In the purpose parameter, you can customize the messaging that is displayed to your user regarding for what use case you are requesting their data For more information, check out the purpose section in our Hosted Widget (OFDA) guide.
The openfinance_feature parameter indicates that the end user will go through the OFDA flow. It must be set to consent_link_creation
In the callback_urls object, you must add links to where your user should be redirected to in the following cases:
For more information, check out the callback_urls section in our Hosted Widget (OFDA) guide.
📘 Callback Events
Belvo will also send additional event information depending on the event. For more information, please make sure to check out the Handling callback events section of the Hosted Widget (OFDA) guide.
The URL your user is redirected to when they successfully connects their account.
The URL your user is redirected to when they exit the process before connecting their account.
In the branding object, you must add your:
You can also optionally add a custom background color for when the widget opens, as well as disable Belvo's messaging regarding how many accounts have been connected.
For more information about the branding and customization options of the widget, check out our dedicated guide.
You can add your company icon to the widget to make it more aligned with your brand. For more information, see the company_icon section of our Branding and customization (OFDA) guide.
You can add your company logo to the widget to make it more aligned with your brand. For more information, see the company_icon section of our Branding and customization (OFDA) guide.
You can add your company name to be displayed when the widget first starts. By default, it'll just display "Link your account". When you add your company name, the message will follow the format "[company_name] uses Belvo to connect your account". For more information, see the company_name section of our Branding and customization (OFDA) guide.
You can add a link to your privacy policy (or terms and conditions) on the initial screen of the widget that, when clicked, will redirect your users to the linked webpage. This helps your users better understand what your use case is regarding the data you are requesting. For more information, see the company_terms_url section of our Branding and customization (OFDA) guide.
You can add a custom overlay color for when the widget loads in your desktop application. For more information, see the overlay_background_color section of our Branding and customization (OFDA) guide.
You can choose to hide the "Mais de 5 milhões de usuários já conectaram com segurança suas contas." message that appears when your user selects their institution in the widget. For more information, see the social_proof section of our Branding and customization (OFDA) guide.
You can optionally add your brand colors to the widget using the theme parameter.
For more information regarding where these colors will appear in the widget, check out the dedicated Add custom colors to the widget section of our Branding guide.
The consent object is unique to the OFDA widget and must be sent through.
In the terms_and_conditions_url parameter, you must provide a link to your company's terms and conditions.
The permissions parameter contains the resources that you want to extract from Brazil's Open Finance Network for the user. This value must be set to ["REGISTER", "ACCOUNTS", "CREDIT_CARDS","CREDIT_OPERATIONS"].
In the identification_info array, you need to provide the identification information of the user that you want to retrieve information for. The information that you provide here must match the information that the regulated institution has for the user (for example, for businesses, the CPF and name must be for a user with access to the business account).
For more information, check out the identification_info section of our Hosted Widget (OFDA) guide.
The CPF or CNPJ number of the individual or company associated with the identification.
https://developers.belvo.com/_mock/apis/belvoopenapispec/api/token/
https://sandbox.belvo.com/api/token/
curl -i -X POST \
-u <username>:<password> \
https://developers.belvo.com/_mock/apis/belvoopenapispec/api/token/ \
-H 'Content-Type: application/json' \
-d '{
"id": "string",
"password": "string",
"scopes": "read_institutions,write_links,read_consents,write_consents,write_consent_callback,delete_consents",
"stale_in": "42d",
"fetch_resources": [
"ACCOUNTS",
"TRANSACTIONS",
"OWNERS",
"BILLS"
],
"widget": {
"purpose": "Soluções financeiras personalizadas oferecidas por meio de recomendações sob medida, visando melhores ofertas de produtos financeiros e de crédito.",
"openfinance_feature": "consent_link_creation",
"callback_urls": {
"success": "your_deeplink_here://success",
"exit": "your_deeplink_here://exit",
"event": "your_deeplink_here://error"
},
"branding": {
"company_icon": "https://mysite.com/icon.svg",
"company_logo": "https://mysite.com/logo.svg",
"company_name": "ACME",
"company_terms_url": "https://belvo.com/terms-service/",
"overlay_background_color": "#F0F2F4",
"social_proof": true
},
"theme": [
{
"css_key": "--color-primary-base",
"value": "#907AD6"
}
],
"consent": {
"terms_and_conditions_url": "https://www.your_terms_and_conditions.com",
"permissions": [
"REGISTER",
"ACCOUNTS",
"CREDIT_CARDS",
"CREDIT_OPERATIONS"
],
"identification_info": [
{
"type": "CPF",
"number": 76109277673,
"name": "Ralph Bragg"
}
]
}
}
}'Successful operation
The access token to be used to authenticate the widget.
The refresh token to be used to authenticate the widget.
{ "access": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzI3MzYwMTk1LCJpYXQiOjE3MjczNTg5OTUsImp0aSI6ImRhN2Q3OTM1ZDZlZTQ0MTBhYTMwYTc3NWQ1OWMxZWIzIiwidXNlcl9pZCI6IjZlOWJlODg0LTQ3ODEtNDE0My1iNjczLWFjYTAyNDc1ZWU4YyIsIm9yZ2FuaXphdGlvbl9uYW1lIjoiRG9taW5payBDaG9sZXdza2kncyB0ZWFtIiwib3JnYW5pemF0aW9uX2lkIjoiNmU5YmU4ODQtNDc4MS00MTQzLWI2NzMtYWNhMDI0NzVlZThjIiwic2NvcGVzIjpbInJlYWRfaW5zdGl0dXRpb25zIiwid3JpdGVfbGlua3MiXSwiZW52aXJvbm1lbnQiOiJzYW5kYm94IiwiYXBpX3VybCI6InNhbmRib3guYmVsdm8uY29tIiwiY3JlZGVudGlhbHNfc3RvcmFnZSI6IjMwZCIsInN0YWxlX2luIjoiMzY1ZCIsImZldGNoX3Jlc291cmNlcyI6WyJPV05FUlMiLCJFTVBMT1lNRU5UUyJdLCJpc3MiOiJzYW5kYm94LmJlbHZvLmNvbSJ9.DaQ8xVTEjA4BD-0SbBCQDylO3NrjhsHiWXTaoPdKWRucS2E0jxNUHC5lwrejrz73-GytgcXTeiI1fhZBYW719A", "refresh": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MjM0OTQzODk5NSwiaWF0IjoxNzI3MzU4OTk1LCJqdGkiOiI2YmUyMGFmNTcxZDU0NjQzYjA0Y2U3YTVhNjI5ZDRiMSIsInVzZXJfaWQiOiI2ZTliZTg4NC00NzgxLTQxNDMtYjY3My1hY2EwMjQ3NWVlOGMiLCJvcmdhbml6YXRpb25fbmFtZSI6IkRvbWluaWsgQ2hvbGV3c2tpJ3MgdGVhbSIsIm9yZ2FuaXphdGlvbl9pZCI6IjZlOWJlODg0LTQ3ODEtNDE0My1iNjczLWFjYTAyNDc1ZWU4YyIsInNjb3BlcyI6WyJyZWFkX2luc3RpdHV0aW9ucyIsIndyaXRlX2xpbmtzIl0sImVudmlyb25tZW50Ijoic2FuZGJveCIsImFwaV91cmwiOiJzYW5kYm94LmJlbHZvLmNvbSIsImNyZWRlbnRpYWxzX3N0b3JhZ2UiOiIzMGQiLCJzdGFsZV9pbiI6IjM2NWQiLCJmZXRjaF9yZXNvdXJjZXMiOlsiT1dORVJTIiwiRU1QTE9ZTUVOVFMiXSwiaXNzIjoic2FuZGJveC5iZWx2by5jb20ifQ.T-tnX2BwAjQI0MaYCO686bZD6H7EMIgi_CbOWtHDexGIiTKLer0d7RJGisXJqM6oA_L4y_A_774LEj8NNb7YXQ" }
An owner represents the person who has access to a Link and is the owner of all the accounts inside the Link.
You can use this endpoint in order to get useful information about your client, such as:
An account is the representation of a bank account inside a financial institution. A user can have one or more accounts in an institution.
For example, one user (or link) can have a checking account, several credit cards, and a loan account.
Querying for a user's account information is useful as you can get information regarding:
Our employments resource for Brazil lets you get a comprehensive view of your user's current employment history and salary information.
For each user, we return the:
At the moment, the employments resource is available for:
Our employment records resource for Mexico lets you get a comprehensive view of your user’s current social security contributions and employment history.
With Belvo's employment records resource for Mexico, you can access information about your user's current social security contributions and employment history. For the each user, we return the:
At the moment, the employment records resource is available for:
Belvo's Recurring Expenses API allows you to identify a user's regular payments for subscription services, such as Netflix or gym memberships, as well as utility payments, such as electricity or phone bills. We return information for up to 365 days.
📘 Info
The recurring expenses resource is only available for Checking, Savings and Credit Card accounts associated with banking links.
To receive inflow payments to your organization's bank account, you must register the bank accounts (individual and business) using Belvo's Payments API.
A payment intent is a single point of access to create payments using any payment method offered by Belvo.
A payment intent captures all payment information (such as the amount to be charged, the description of the payment, the provider, and so on) and guides your customers through the payment flow.
Note: For institutions that require the
username_typein theform_fieldsarray, you must send through this value in your PATCH request.