FAQ
Is there an official SDK?
No. The REST API is simple and fits into the standard HTTP libraries of each language. See Code samples.
Can I test before having approved KYC?
No. Generating API keys requires approved KYC and a verified email. Without them, you cannot generate credentials.
Are the amounts in reais or cents?
Cents, always. R$ 10.00 = 1000. See all monetary fields in the Reference.
How do I test locally without exposing a public endpoint for webhooks?
Use an HTTPS tunneling tool (e.g., ngrok, Cloudflare Tunnel) to expose your localhost. Register the generated public URL in the INFI dashboard.
For how long does INFI try to deliver a webhook?
Only one attempt, with an 8-second timeout. If your application does not respond, the event is lost. Always implement a fallback via GET /v1/transactions/:id. See Retry.
Can I have more than one active API key?
Yes — up to 10 active by default (adjustable). Use one per application or microservice for zero-downtime rotation. See API key rotation.
What happens if I repeat the same externalRef?
INFI returns the original charge with "idempotent": true, without creating a duplicate. See Idempotency.
Can I withdraw to any PIX key?
Yes for valid email, phone and evp. For cpf and cnpj, the key must match the registered account holder/company on your INFI account. See Allowed PIX keys.
Is the balance instantaneous after a charge is paid?
Eventually consistent. available in GET /v1/balance reflects the credit in a few seconds. For immediate reconciliation, use GET /v1/transactions/:id.
Do I need to enable 2FA on my account to use the API?
No. The 2FA (TOTP) available in the dashboard does not affect the REST API. Your integration keeps authenticating only with the API key — independently of whether 2FA is enabled or disabled on the account. Withdrawals via POST /v1/withdraw do not require a TOTP code. See the note in Authentication.