Financial infrastructure for Brazilian fintechs, starting with trust.

Swepay builds the identity, certificate, and authentication layers that regulated Brazilian fintechs use to authenticate B2B partners and automate certificate lifecycles. All in APIs. No vendors patched together by glue code.

Explore the platform For developers

01, The problem

Building a regulated fintech in Brazil means patching multiple vendors together.

One vendor for IAM. Another for PKI. Another for passwordless. Another for transactional email. Another for regulated digital certificates. Plus internal glue code holding it all together, written once, maintained forever.
Each vendor evolves on its own cadence. Each API has its own auth model. Each product has its own interpretation of LGPD, of FAPI, of what "audit log" means.
When regulation changes, and Brazilian financial regulation always does, your platform team pays in months of rework.

02, The platform

One stack. Four products. Designed to coexist.

Swepay's platform is built layer by layer. Each product solves a specific problem fintechs face when they hit regulatory scale. Together, they replace a fragmented vendor stack with an integrated platform.

Available now

swepay · ca manager

CA Manager

mTLS certificate API for B2B partner authentication.

REST API for issuing and managing mTLS certificates. Built for fintechs that authenticate dozens to hundreds of partners in private integrations.

In development

swepay · native guard

Native Guard

Managed OIDC/OAuth2 multi-realm server.

Multi-tenant identity server for fintechs that need a managed alternative to operating Keycloak. Currently in technical validation.

Coming soon

swepay · native passkey

Native Passkey

FIDO2/WebAuthn passwordless API.

Passwordless authentication API for mobile apps that need Strong Customer Authentication without adding friction.

Coming soon

swepay · native email

Native Email

Transactional email API for regulated services.

Email sending API designed for services that need deliverability, audit trail, and Brazilian residency by default.

03, For developers

From zero to first certificate in five minutes.

Subscribe via AWS Marketplace, receive your JWT credentials, and start issuing certificates with one API call. No painted demo. No yearly contract upfront.

curl -X POST https://ca.swepay.com.br/v1/certificates \
  -H "Authorization: Bearer ${SWEPAY_JWT}" \
  -H "Content-Type: application/json" \
  -d '{
    "clientId": "partner_001",
    "commonName": "partner.example.com",
    "organization": "Your Fintech",
    "organizationalUnit": "B2B Integrations",
    "country": "BR",
    "validityDays": 365
  }'

Full quickstart, API reference, and architecture details on the developers page →

04, Built for Brazil

Brazilian context isn't a footnote in our roadmap. It's the roadmap.

Data protection by design.

Data residency, retention, and subject rights are part of every product's foundation, not a compliance afterthought.

Audit trail by default.

Every certificate operation leaves an immutable audit record: issuance, renewal, revocation, status query. Logs are retained per your plan and queryable when an auditor asks for evidence. Not bolted on after a security review. Native to the API surface from day one.

Native to sa-east-1.

Infrastructure runs in São Paulo, with latency budgets calibrated for Brazilian fintech workloads. No transatlantic detours.

Start where it makes sense.

Most Brazilian fintechs start with CA Manager: in production today, self-serve on AWS Marketplace, first certificate issued in minutes. For custom integration scenarios, volume contracts, or a technical conversation before subscribing, talk to engineering.

Subscribe to CA Manager on AWS Marketplace Talk to engineering