Postman collection
Download the partner Postman collection and the sandbox and production environments to exercise every BlendFi endpoint without writing code.
A ready-to-import Postman collection of every partner-facing BlendFi endpoint, paired with environment files that pre-configure the base URL and an api_key placeholder for your API key.
Download
- Partner collection (JSON): every endpoint under the partner-facing prefixes (
/v1/users,/v1/kyc,/v1/quotes,/v1/conversions,/v1/test_helpers,/v1/webhook_endpoints,/v1/webhook_deliveries). - Sandbox environment (JSON): pre-configured with
baseUrl = https://api.sandbox.blendfi.com.brand a blankapi_keyvariable. - Production environment (JSON): pre-configured with
baseUrl = https://api.blendfi.com.brand a blankapi_keyvariable.
Import into Postman
The fastest path:
- Open Postman.
- File → Import → Link (or drag-and-drop the downloaded files into Postman's left pane).
- Paste any of these URLs:
https://docs.blendfi.com.br/postman/blendfi-partner.postman_collection.json(the collection)https://docs.blendfi.com.br/postman/blendfi-partner.sandbox.postman_environment.json(sandbox environment)https://docs.blendfi.com.br/postman/blendfi-partner.production.postman_environment.json(production environment)
- Repeat for each file you want to import.
- In Postman's environment selector (top-right), pick BlendFi Core, Sandbox or BlendFi Core, Production.
Authenticate
The environment ships with a blank api_key value. Set it once, and every request in the collection picks it up via the Authorization: Bearer {{api_key}} header.
- Click the Environments tab in Postman's left sidebar.
- Open BlendFi Core, Sandbox (or Production).
- Paste your API key (sandbox:
sk_test_…, production:sk_live_…) intoapi_key→ Current Value. - Save.
Get a sandbox key first
If you don't have a sandbox key yet, see Sandbox & keys for the request flow.
Walk through one request
A round-trip to confirm everything's wired up:
- In the collection, find Users → Create user.
- The request body has a placeholder JSON; the only fields you must set are
external_id(any unique string),name,document_type(cpforcnpj), anddocument_number. A safe sandbox CPF is52998224725. - Click Send.
- Expect a
201response with the user'sid. If you see401 authentication_failed, theapi_keyvariable wasn't picked up, re-check the environment selector.
From there, every other endpoint in the collection works the same way: tweak the body, click Send, observe.
Test_helpers for sandbox-only state driving
The collection includes the seven test_helpers endpoints under Test Helpers / Transactions (and one under Test Helpers / Users). Use them to drive a conversion lifecycle without waiting for real Pix or on-chain confirmations.
Staying in sync
The collection and environments are committed in BlendFi's API repo and refreshed periodically. Re-download from this page to get the latest set of endpoints. The OpenAPI Reference on this site (/docs/reference) is the canonical source for endpoint contracts. On any conflict between Postman and the Reference, the Reference wins.
Partner-only, internal collection is never published
BlendFi's internal Postman collection (used by ops + admin tooling) must not be exposed to the open internet. Three defense layers prevent accidental publication: the sync script (pnpm postman:sync) hardcodes the partner-only file list and refuses anything matching internal; a .gitignore rule blocks accidental git add of public/postman/*internal*; a CI workflow (partner-postman-guard.yml) fails any PR that ships an internal artifact under public/. Maintainers refreshing this collection should run pnpm postman:sync rather than copying files by hand.
Related
- Get started → Quickstart, the same first-call flow, in curl/Node/Python.
- Reference, full schemas for every endpoint, with interactive Try it panels.
- Sandbox & keys, how to request a sandbox key.
- Errors catalog, every error code you might see while exploring the collection.
Rotate an API key
Issues a new API key with the same capabilities and name, then immediately revokes the old key. The new secret is returned once and cannot be retrieved again.
Sandbox testing guide
All sandbox-specific tooling in one place: PIX test keys, conversion lifecycle helpers, and KYC forcing.
