Skip to content
/
Request Refund

ConnectPSP API (2.0.0)

ConnectPSP is a PIX payment gateway designed for high-throughput platforms such as digital wallets, betting companies, and fintechs.

This API allows you to:

  • 💸 Receive payments via PIX (Cash-In) — standard QR Code or OpenFinance
  • 🏦 Send payments via PIX key or bank account data (Cash-Out)
  • 📊 Manage your wallet — check consolidated balances and rebalance between transactional and proprietary accounts
  • 🪝 Receive real-time events via Webhooks as transactions progress

Authentication

All endpoints (except POST /auth/token) require two headers:

HeaderDescription
AuthorizationBearer <jwt_token> — obtained from POST /auth/token
ApplicationTokenFixed GUID token that identifies your integration

For financial operations (Cash-Out, Rebalance), an additional header is required:

HeaderDescription
DigitalSignatureHMAC-SHA256 hash of your JWT + CryptoToken. See Authentication Guide

Idempotency

For POST /cash-in and POST /cash-out, we strongly recommend sending the X-Idempotency-Key header (UUID v4). This guarantees that network retries do not result in duplicate transactions.

Recommended integration order

PhaseWhat to confirm first
SetupCredentials, environment, headers, and webhook readiness in Initial Setup
AuthenticationJWT generation and DigitalSignature rules in the Authentication Guide
TransactionsYour first Cash-In or Cash-Out flow with idempotency and webhook validation
Download OpenAPI description
index.json
index.yaml
Overview
ConnectPSP Support
suporte@connectpsp.com
Languages
Servers
Staging Environment (Testing)
https://api.homologacao.connectpsp.com

Authentication

Obtain JWT tokens to authenticate all other requests.

Operations

Cash-In

Generate and manage inbound PIX payments. Supports standard QR Code and OpenFinance flows.

Operations

Get Cash-In

Request

Returns the current status and details of a Cash-In transaction.

Security
bearerAuth
Path
idstringrequired

Transaction identifier — TxId, InternalCode, or EndToEndId.

Example: US7B1JQ
Headers
ApplicationTokenstringrequired

Fixed GUID that uniquely identifies your integration. Provided during ConnectPSP onboarding.

Example: {{ApplicationToken}}
curl https://api.homologacao.connectpsp.com/cash-in/US7B1JQ \
  -H "Authorization: Bearer <token>" \
  -H "ApplicationToken: <app-token>"

Responses

Cash-In details returned successfully.

Bodyapplication/json
transactionIdstring
Example: "kk6g232xel65a0daee4dd13kk2912714964"
internalCodestring
Example: "US7B1JQ"
externalReferencestring
Example: "order_abc123"
endToEndIdstring

End-to-end ID issued by BACEN/SPI upon settlement.

  • For paid transactions: starts with E (e.g. E00416968...)
  • For refunded transactions: starts with D (Devolution)
Example: "E00416968202603101827cemeFscF6AG"
originalEndToEndIdstring

The original E2E ID when endToEndId represents a refund.

Example: "E00416968202603101827cemeFscF6AG"
statusstring
Enum"AWAITING_PAYMENT""PAID""EXPIRED""REFUNDED""CANCELLED"
Example: "PAID"
amountnumber(decimal)
Example: 150.5
payerobject(CashInResponsePayer)
payer.​namestring
Example: "João Silva"
payer.​documentstring
Example: "12345678909"
payer.​bankDataobject(BankData)

Banking details returned after settlement. May be null before settlement.

payer.​bankData.​ispbstring

Bank ISPB code (8 digits).

Example: "00000000"
payer.​bankData.​bankstring

Bank name.

Example: "Banco do Brasil S.A."
payer.​bankData.​branchstring

Branch number.

Example: "0001"
payer.​bankData.​accountstring

Account number.

Example: "123456"
requestedAtstring(date-time)
Example: "2026-03-10T11:20:00-03:00"
paidAtstring(date-time)
Example: "2026-03-10T11:22:15-03:00"
refundedAtstring(date-time)
Example: "2026-03-11T09:00:00-03:00"
expiredAtstring(date-time)
Response
application/json
{
  "transactionId": "kk6g232xel65a0daee4dd13kk2912714964",
  "internalCode": "US7B1JQ",
  "externalReference": "order_abc123",
  "endToEndId": "E00416968202603101827cemeFscF6AG",
  "status": "PAID",
  "amount": 150.5,
  "payer": {
    "name": "João Silva",
    "document": "12345678909",
    "bankData": {}
  },
  "requestedAt": "2026-03-10T11:20:00-03:00",
  "paidAt": "2026-03-10T11:22:15-03:00"
}

Request Refund

Request

Requests a full refund of a paid Cash-In transaction (PIX Devolution via BACEN/SPI).

⚠️ Important: Only transactions with status PAID can be refunded. Partial refunds are not supported — the full original amount will be returned to the payer.

The refund is sent to the banking network synchronously. The 202 Accepted response includes the new endToEndId generated for the devolution (prefixed with D).

This endpoint requires the DigitalSignature header. See the Authentication Guide for details on how to compute it.

Security
bearerAuth
Path
idstringrequired

Transaction identifier — TxId, InternalCode, or EndToEndId.

Example: US7B1JQ
Headers
ApplicationTokenstringrequired

Fixed GUID that uniquely identifies your integration. Provided during ConnectPSP onboarding.

Example: {{ApplicationToken}}
DigitalSignaturestringrequired

HMAC-SHA256 hash of the JWT token + your CryptoToken. Required for sensitive operations. See the Authentication Guide for the exact computation steps.

Example: {{DigitalSignature}}
X-Idempotency-Keystring(uuid)

A client-generated UUID v4 to guarantee idempotency. If the same key is sent twice, the second request returns the original response without creating a duplicate transaction. Strongly recommended for all POST operations.

Example: 550e8400-e29b-41d4-a716-446655440000
Bodyapplication/jsonrequired
reasonstringrequired

Reason for the refund.

Enum"FRAUD""DUPLICATED_PAYMENT""CUSTOMER_REQUEST""MERCHANT_ERROR"
Example: "CUSTOMER_REQUEST"
descriptionstring

Optional internal note for audit purposes (not sent to payer).

Example: "Customer requested refund via support ticket #1234."
curl -X POST https://api.homologacao.connectpsp.com/cash-in/US7B1JQ/refund \
  -H "Authorization: Bearer <token>" \
  -H "ApplicationToken: <app-token>" \
  -H "DigitalSignature: <computed-signature>" \
  -H "X-Idempotency-Key: $(uuidgen)" \
  -H "Content-Type: application/json" \
  -d '{
    "reason": "CUSTOMER_REQUEST",
    "description": "Customer requested refund via support ticket #1234."
  }'

Responses

Refund accepted and submitted to the banking network.

Bodyapplication/json
transactionIdstring
Example: "kk6g232xel65a0daee4dd13kk2912714964"
internalCodestring
Example: "US7B1JQ"
externalReferencestring
Example: "order_abc123"
endToEndIdstring

New E2E ID for this devolution (starts with D).

Example: "D00416968202603101827cemeFscF6AG"
statusstring
Value"PROCESSING"
Example: "PROCESSING"
amountnumber(decimal)
Example: 150.5
requestedAtstring(date-time)
Example: "2026-03-10T13:30:00-03:00"
messagestring
Example: "The refund for cash-in US7B1JQ has been successfully initiated."
Response
application/json
{
  "transactionId": "kk6g232xel65a0daee4dd13kk2912714964",
  "internalCode": "US7B1JQ",
  "externalReference": "order_abc123",
  "endToEndId": "D00416968202603101827cemeFscF6AG",
  "status": "PROCESSING",
  "amount": 150.5,
  "requestedAt": "2026-03-10T13:30:00-03:00",
  "message": "The refund for cash-in US7B1JQ has been successfully initiated."
}

Cash-Out

Request and track outbound PIX payments to any Brazilian bank account.

Operations

Account

View consolidated wallet balances across all banking partners (Delbank, Celcoin, StarkBank) and manage rebalancing between transactional and proprietary accounts.

Operations