Build on Italian Financial

One REST API to run accounts, payments, cards and identity. Get sandbox access in minutes, prototype against realistic test data, and ship to production with official SDKs, scoped keys and predictable webhooks.

πŸ”‘ OAuth 2.0 πŸ§ͺ Full sandbox πŸ“¦ 4 official SDKs ⚑ 99.99% uptime target
Quickstart

From API key to first account in two calls.

Authenticate with the client-credentials grant to obtain a bearer token, then create your first account. Every request is authenticated, idempotent and returns predictable JSON.

  • Request a scoped access token from the OAuth endpoint
  • Call any resource with Authorization: Bearer <token>
  • Add an Idempotency-Key header to make writes safe to retry
  • Point at the sandbox base URL until you are ready for production
Browse the endpoints
POST /oauth/token
# 1 Β· Exchange client credentials for an access token
curl https://api.italianfinancial.com/oauth/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials" \
  -d "client_id=$CLIENT_ID" \
  -d "client_secret=$CLIENT_SECRET" \
  -d "scope=accounts:write payments:write"

← 200 OK
{
  "access_token": "eyJhbGciOiJSUzI1NiIs…",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "accounts:write payments:write"
}
POST /v1/accounts
# 2 Β· Create a EUR current account
curl https://api.italianfinancial.com/v1/accounts \
  -H "Authorization: Bearer $TOKEN" \
  -H "Idempotency-Key: acc-req-8f21" \
  -d '{
    "type": "current",
    "currency": "EUR",
    "holder": { "name": "Giulia Russo", "kyc_level": 2 }
  }'

← 201 Created
{ "id":"acc_9f2b", "iban":"IT60X0542811101000000123456", "status":"active" }
Authentication

Secure by default, from the first request.

Machine-to-machine authentication built on open standards, with defence-in-depth options for regulated workloads.

πŸ”‘

OAuth 2.0

The client-credentials grant issues short-lived bearer tokens for server-to-server access. Rotate secrets without redeploying.

🎯

Scoped API keys

Grant least-privilege access with granular scopes such as accounts:read or payments:write per key.

πŸ”

mTLS option

Pin mutual TLS on production endpoints so both client and server present certificates for regulated, high-value flows.

♻️

Idempotency keys

Send an Idempotency-Key on any write. Retries return the original result β€” never a duplicate payment or card.

Two environments, two base URLs. Production: https://api.italianfinancial.com/v1 Β· Sandbox: https://sandbox.italianfinancial.com/v1. Keys are environment-specific and never interchangeable.
API reference

Core endpoints.

A consistent, resource-oriented REST surface. Every resource speaks JSON, supports pagination and emits webhooks.

Accounts

MethodEndpointDescription
GET/v1/accountsList accounts with cursor pagination and filters.
POST/v1/accountsOpen a new current, wallet or safeguarding account.
GET/v1/accounts/{id}Retrieve a single account, balance and IBAN.

Payments

MethodEndpointDescription
POST/v1/paymentsInitiate a SEPA, SEPA Instant or SWIFT credit transfer.
GET/v1/payments/{id}Fetch a payment with its status and settlement timing.

Cards

MethodEndpointDescription
POST/v1/cardsIssue a virtual or physical Visa / Mastercard card.
POST/v1/cards/{id}/freezeFreeze a card instantly to block further authorisations.

Identity / KYC

MethodEndpointDescription
POST/v1/identity/sessionsCreate a biometric KYC / KYB verification session.
GET/v1/identity/sessions/{id}Retrieve a session result, checks and screening hits.

Webhooks

MethodEndpointDescription
POST/v1/webhooksRegister an endpoint to receive signed event notifications.
Webhooks

Event-driven, signed and reliable.

Subscribe once and receive real-time notifications whenever money moves or a verification completes β€” no polling required.

  • Every payload is signed with an HMAC-SHA256 signature you verify with your endpoint secret
  • Automatic retries with exponential backoff for up to 24 hours on non-2xx responses
  • At-least-once delivery β€” de-duplicate on the event id
  • Replay any historical event from the console or sandbox
payment.settled Β· webhook
# POST from Italian Financial β†’ your endpoint
# Header: X-IF-Signature: t=1720440000,v1=9d8c…
{
  "id": "evt_3Kx9",
  "type": "payment.settled",
  "created": "2026-07-08T09:20:00Z",
  "data": {
    "id": "pay_7Ka2",
    "account_id": "acc_9f2b",
    "amount": 3500.00,
    "currency": "EUR",
    "scheme": "sepa_instant",
    "status": "settled",
    "settled_in_ms": 1870
  }
}
Sandbox

Prototype the whole stack β€” no real money.

A fully isolated environment that mirrors production behaviour, so your team can build and test end-to-end before go-live.

πŸ§ͺ

Realistic test data

Pre-seeded accounts, IBANs, cards and identities to build against from your first request.

πŸŽ›οΈ

Simulators

Trigger settlements, declines, chargebacks and KYC outcomes on demand to cover every path.

πŸ”

Replayable events

Re-send any webhook to your endpoint to debug delivery, signatures and retries locally.

🚫

No real money

Nothing settles on real rails and no funds ever move β€” experiment freely and safely.

Official SDKs

Idiomatic libraries for your stack.

Typed, versioned and generated from our OpenAPI spec β€” so they stay in lock-step with the API.

🟒

Node.js

Fully typed TypeScript client with promises, pagination helpers and webhook signature verification.

🐍

Python

Sync and async clients with type hints, retries and first-class dataclass models.

β˜•

Java

JVM client with builder-style requests, connection pooling and Spring-friendly configuration.

🐹

Go

Lightweight, context-aware client with zero heavy dependencies and idiomatic error handling.

Reliability

Engineered for a 99.99% uptime target.

Multi-region EU hosting, health checks and transparent operational reporting keep your integration running.

Live status page. Real-time component health, incident history and maintenance windows are published at status.italianfinancial.com, with a 99.99% availability target across the platform.
Environments

Base URLs.

Keep sandbox and production strictly separated β€” credentials and data never cross the boundary.

🟒

Production

https://api.italianfinancial.com/v1

Live money movement. Requires production keys and, optionally, mTLS.

πŸ§ͺ

Sandbox

https://sandbox.italianfinancial.com/v1

Isolated test environment with simulators and replayable events.

Get started

Ready to get API access?

Tell us what you are building and we will provision sandbox keys and a technical walkthrough for your engineers.