Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.safefypay.com.br/llms.txt

Use this file to discover all available pages before exploring further.

Payment API credentials use a fixed permission schema to restrict what each integration can do.

Permission structure

{
  "version": 1,
  "balance": {
    "read": true
  },
  "transactions": {
    "read": true,
    "write": true
  },
  "customers": {
    "read": true,
    "write": true,
    "edit": true
  },
  "cashouts": {
    "read": true,
    "write": true,
    "allowAnyPixKey": false
  }
}

Modules and effects

ModuleFieldMain effect
Balancebalance.readAllows GET /v1/balance
Transactionstransactions.readAllows list and get transaction
Transactionstransactions.writeAllows create and simulate transaction
Customerscustomers.readAllows list and get customer
Customerscustomers.writeAllows create customer
Customerscustomers.editAllows update customer
Cashoutscashouts.readAllows list and get cashout
Cashoutscashouts.writeAllows create, cancel, and simulate cashout
Cashoutscashouts.allowAnyPixKeyAllows arbitrary PIX key in cashout create

Important cashout rules

  1. Always use withdrawNowAvailable from GET /v1/balance to set cashout amount.
  2. If requiresFullWithdrawalNow = true, amount must be exactly withdrawNowAvailable.
  3. When cashouts.allowAnyPixKey = false, arbitrary PIX key destination is not allowed.
  4. Operation environment (Sandbox or Production) is determined by the authenticated credential.

Best practices

  1. Use separate credentials per internal service.
  2. Apply least privilege for each credential.
  3. Avoid using a single full-access credential for every integration.
  4. Revoke and rotate credentials immediately if exposure is suspected.