Sandbox & keys
Sandbox vs production, how to request keys, what changes when you graduate to live.
Sandbox is a live mirror of BlendFi's API where the same endpoints, response shapes, and error codes apply, but Pix payments are simulated, USDT transfers stay in a test account, and test_helpers endpoints let you drive the lifecycle synthetically. Build here first; we'll review your sandbox integration before issuing a sk_live_… key.
What's the same
- Identical request/response shapes. Every payload, every field name, every error code.
- Identical webhook semantics. Signing, retries, replay window, event types.
- Identical KYC flow. Hosted identity verification works the same in sandbox.
- Identical error catalogue. Same
codes, same response shape.
What's different
- Pix is simulated. A real bank app pointed at a sandbox Pix QR doesn't pay anything; sandbox uses
test_helpersto advance state instead. - Pix DICT is simulated. The sandbox does not query the real DICT. See Sandbox testing guide for the fixed keys to use.
- Exchange is mocked. No real BRL→USDT trades execute.
- USDT stays in a sandbox account. No on-chain transfers to mainnet wallets.
- Sandbox-only endpoints.
/v1/test_helpers/*exists only in sandbox; in production it returns 404. - No real money. Ever.
Base URLs
| Environment | Base URL |
|---|---|
| Sandbox | https://api.sandbox.blendfi.com.br |
| Production | https://api.blendfi.com.br |
For current rate limits per endpoint, see Environments and rate limits.
How to request a sandbox key
Book a 30-minute meeting with our team. On that call we'll learn about your use case and issue your sandbox key on the spot, scoped with a default capability set you can refine later.
Sandbox keys never expire by themselves and can be revoked or rotated on demand.
Graduating to production
When your sandbox integration is ready for real money, book the production handoff meeting. On that call we'll:
- Walk through your sandbox integration (idempotency, signature verification, error handling,
request_idlogging). - Issue the
sk_live_…key with the appropriate capabilities. Default scope is the same as your sandbox key minussandbox:control.
Most partners walk out of that meeting with the production key in hand.
Build in sandbox first
Sandbox is a live copy of BlendFi where the same endpoints, response shapes, and error codes apply, but PIX payments are simulated and USDT transfers stay in a test account. We'll review your sandbox integration end-to-end before issuing a sk_live_… key.
FAQ
Where do I get a sandbox key? Book a 30-minute meeting. You'll leave that call with your sandbox key.
Can I have more than one key? Yes. We can issue capability-scoped keys (read-only, transactions-only, etc.) so you can compartmentalize integrations. Ask during your onboarding meeting.
How do I rotate a key?
You do it yourself. A single call to POST /v1/api-keys/{id}/rotate issues a new key with the same capabilities and immediately revokes the old one, with no support ticket required. The new secret is returned once. See Authentication.
Why don't I have a sk_live_… key yet?
Production keys are issued during the handoff meeting. Build in sandbox first, then book here.
Where do I file a bug?
Email support with the request_id from the response. We can find your request in seconds with that.
Read next
- Quickstart, your first authenticated call
- Authentication, bearer + capabilities
- Webhooks → Sandbox testing, local listener + tunneling setup
- Sandbox testing guide, PIX test keys, conversion helpers, KYC forcing
