Environments
Understand Sandbox and Production, request limits, and how to access your credentials
Overview
The Conta Simples API offers two isolated environments for different stages of your project:
Sandbox
Test environment for development and integration validation. Simulated data, with no real-world impact.
Production
Live environment with real data and transactions. Requires prior approval and validation.
Sandbox
Characteristics
| Aspect | Description |
|---|---|
| Purpose | Development, testing, and validation |
| Data | Simulated, no real monetary value |
| Availability | 99.5% SLA (maintenance windows may apply) |
| Rate limit | 100 calls per minute per IP |
| Credentials | Sandbox-specific |
Base URL
https://api-sandbox.contasimples.com
Behavior and limitations
In Sandbox, query filters and parameters do not apply: the API returns static responses, regardless of the values you provide for dates, limits, or pagination keys.
No action is actually executed — for example, blocking or unblocking a card, or any other state-changing operation, has no real effect; the API contract, HTTP flow, and response handling.
Production
Characteristics
| Aspect | Description |
|---|---|
| Purpose | Real customer operations |
| Data | Real, with financial impact |
| Availability | 99.9% SLA |
| Rate limit | 100 calls per minute per IP |
| Credentials | Production-specific |
Base URL
https://api.contasimples.com
Access requirements
Integration validated in Sandbox
Demonstrate that your integration works correctly in the test environment.
Security and best-practices checklist approved
Complete the security and integration best practices checklist.
Terms and privacy accepted
Review and accept the terms of use and privacy policy.
Production credentials
Open production credentials in the Internet Banking panel.
Comparison
| Characteristic | Sandbox | Production |
|---|---|---|
| Purpose | Testing | Real operations |
| Data | Simulated | Real |
| Financial impact | None | Real |
| Query filters and parameters | Do not change the result (static response) | Applied to real data |
| State-changing actions (e.g. card block) | Simulated; no real effect | Executed in production |
| Credentials | Sandbox-specific | Production-specific |
| Availability SLA | 99.5% | 99.9% |
| Support | Business hours | 24/7 (per contract) |
| Rate limit | 100 calls/minute per IP | 100 calls/minute per IP |
Rate limit
The API enforces 100 calls per minute per source IP. The limit applies to Sandbox and Production alike: the rule is the same on api-sandbox.contasimples.com and api.contasimples.com.
The counter is per source IP. Traffic from the same IP — for example, multiple processes on one server or clients behind the same NAT — shares the same per-minute budget.
When the limit is reached, requests may be rejected with HTTP 429 (Too Many Requests). Use retry with backoff and avoid bursts; see Best practices for pagination and error handling.
Never use Production credentials in development or test environments. Keep environments fully separated.
How to access your credentials
Credentials for both Sandbox and Production are managed in Conta Simples Internet Banking:
ib.contasimples.com/integracoes/api/credenciais
Open Internet Banking
Log in to Conta Simples Internet Banking and go to Integrations → API → Credentials.
Select the environment
In the credentials panel you will see credentials for Sandbox and Production.
Copy API key and API secret
Each environment provides:
- API key — application identifier
- API secret — secret used to authenticate
Access permissions
The credentials panel is controlled by your user profile and permissions in Internet Banking. Only users with the right permissions can view or manage credentials.
Cannot see credentials? Ask the Conta Simples owner at your company. Permission management is done by your company inside Internet Banking.
Promotion to Production
When your integration is validated in Sandbox, Production credentials are already available in the same panel. Before going live, complete the checklist:
- Sandbox integration validated
- Error handling implemented
- Retry logic with backoff
- Credentials stored securely
- Monitoring and alerts configured
request_idlogging implemented
Best practices
Environment separation
Use environment variables to switch environments:
# Development / testing
export OPENAPI_ENV=sandbox
export OPENAPI_BASE_URL=https://api-sandbox.contasimples.com
export OPENAPI_API_KEY={API_KEY_SANDBOX}
# Production
export OPENAPI_ENV=production
export OPENAPI_BASE_URL=https://api.contasimples.com
export OPENAPI_API_KEY={API_KEY_PRODUCTION}
Validate the environment before critical operations:
// Conceptual example
function getApiConfig() {
const env = process.env.OPENAPI_ENV ?? 'sandbox';
if (env === 'production') {
return new ProductionConfig();
}
return new SandboxConfig();
}
Recommended protections
- Feature flags: Use flags to enable or disable integrations per environment
- Tagged logs: Tag logs with the environment to simplify troubleshooting
- Alerts: Configure different alerts for Sandbox and Production
- Code review: Require review before production deploys
FAQ
No. Each environment has its own credentials, which keeps the environments fully isolated.
No. The environments are isolated. Data created in Sandbox does not exist in Production and vice versa.
Access to the credentials panel depends on your user profile and permissions in Internet Banking. Ask the Conta Simples owner at your company.
Sandbox access is usually free for partners during integration. Check with our sales team.
Next steps
Last updated today
Built with Documentation.AI