Santander Brasil

v0.2.0-alpha.1OAuth2alpha

3rd largest private BR bank. Completes the top-3 BR private-bank trio (Itaú + Bradesco + Santander). OAuth2 + mTLS. Cobrança workspace-scoped with X-Application-Key. Alpha on npm — auth verified via community SDKs, Pix paths BACEN-standard high confidence.

23 tools5 env vars🇧🇷 Brazilalpha — pending validation

Install

terminal

$ npm install @codespar/mcp-santander@alpha

Quickstart

Add this entry to your claude_desktop_config.json (or any MCP-compatible client config).

claude_desktop_config.json

{
  "mcpServers": {
    "santander": {
      "command": "npx",
      "args": [
        "-y",
        "@codespar/mcp-santander@alpha"
      ],
      "env": {
        "SANTANDER_CLIENT_ID": "<your_santander_client_id>",
        "SANTANDER_CLIENT_SECRET": "<your_santander_client_secret>",
        "SANTANDER_CERT_PATH": "<your_santander_cert_path>",
        "SANTANDER_KEY_PATH": "<your_santander_key_path>"
      }
    }
  }
}

After restart, your agent can call any of the 23 tools below — try get_oauth_token first.

Environment variables · 5

Required to authenticate the server. Stored encrypted when using CodeSpar managed hosting.

SANTANDER_CLIENT_ID

required

Santander OAuth client_id issued via the Developer Portal (developer.santander.com.br) after contract onboarding.

SANTANDER_CLIENT_SECRET

requiredsecret

Santander OAuth client_secret.

SANTANDER_CERT_PATH

required

Absolute path to the mTLS client certificate (.crt or .pem). BACEN mandates mTLS for Pix v2, and Santander's trust-open gateway enforces it across product families.

SANTANDER_KEY_PATH

requiredsecret

Absolute path to the mTLS private key (.key or .pem).

SANTANDER_ENV

optional

Environment: 'sandbox' or 'production'. Defaults to 'sandbox'.

Available tools · 23

Each tool is independent — your agent loads only what it needs to reduce context and response time.

READget_oauth_token

Mint or return a cached OAuth2 client_credentials bearer token for the Santander Developer Portal. Exposed so agents can inspect token freshness; normal tool calls obtain tokens implicitly.

WRITEsend_pix

Initiate an outbound Pix payment from the merchant's Santander account. Amount in BRL major units (e.g. '10.50').

WRITEcreate_pix_qr

Create a dynamic Pix charge with QR code (cob). Returns the txid, copy-paste EMV payload, and location URL.

READget_pix

Retrieve a Pix transaction by its BCB endToEndId (E<ispb><yyyymmddhhmm><sequence>).

READresolve_dict_key

Resolve a DICT key (CPF, CNPJ, email, phone, EVP) to the owner's account data before sending a Pix. Subject to BCB rate limits per consenting payer.

DELETErefund_pix

Refund (devolução) a previously received Pix. Must reference the original endToEndId and a merchant-side refund id.

WRITEcreate_boleto

Issue a boleto via Santander Cobrança (collection_bill_management v2). Requires a pre-provisioned workspace_id that binds the covenant and webhook config. Returns bill_id, linha_digitável, barcode, and PDF URL.

READget_boleto

Retrieve a boleto by its Santander bill_id (SONDA query via collection_bill_management v2).

Compatible frameworks

MCP is a protocol — any framework that speaks it can mount this server.

Claude Agent SDKAnthropic

OpenAI AgentsOpenAI

Vercel AI SDKVercel

LangChainLangChain

LlamaIndexLlamaIndex

CrewAICrewAI

MastraMastra

Any MCP clientProtocol

Frequently asked questions

All credentials are encrypted at rest in an isolated vault scoped per organization. OAuth2 tokens are automatically refreshed before expiry. Your agent code never sees raw secrets — it receives scoped, short-lived session tokens.