fmsouza / nubank-api

A high level API to connect to Nubank service and download your purchase records.
GNU General Public License v3.0

[Question] How did you guys manage to find the API endpoints? #24

Closed jhonpedro closed 2 years ago

jhonpedro commented 2 years ago

I opened this issue because I do not know how we can find the API endpoints without documentation. I am curious about how you guys did it, and maybe I can help build other repositories like this one for other fintechs/banks.

And I would really appreciate it if you guys gave me some resources/directions on how I can discover the endpoints of Nubank or bank-related APIs.

I saw that there are some "Discovery" endpoints, but I did not manage to go beyond that.

Thank you guys!

fmsouza commented 2 years ago

Hey @jhonpedro!

So, giving you some context: basically @andreroggeri spent some time creating his Python library for the same purpose a few years ago, and this repository is basically a not-so-up-to-date translation of his repository to TypeScript.

According to what I read in some discussions in his repository, the strategy was basically reverse engineering using a man-in-the-middle attack, running the app on an emulator on the computer. So he (and other devs) would listen to the requests with their payloads for each action you do in the app and map those so this could be redone in the library.

Initially, it was possible to make the introspection call to their GraphQL endpoint and read the entire specification for the API, but after they started talking about it in the repo, Nubank people addressed that so we wouldn't be able to anymore (I tried the same thing when I heard about it, and it sadly wasn't returning anything anymore).

So whatever developments were done since then were basically via reverse engineering of the code again, which is a very time-consuming way of developing an API, so that's why it'll likely always be pretty slow to bring new features.

That said, if you don't want to use those libs but want to develop some sort of integration either way, what I'd recommend is going through our codebases to learn how things are working and then just trying to replicate that for your use case. Unfortunately, there's really no better alternative that we know of.
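
Added example, not part of the thread and not code from nubank-api, pynubank or Nubank: a server-side sketch of the control mentioned above, refusing GraphQL documents that select the introspection meta-fields `__schema` or `__type`. The function names and the HTTP status mapping are hypothetical; a production GraphQL server would normally disable introspection in its own validation layer instead.

```typescript
// Added example (hypothetical names): screen GraphQL requests for schema
// introspection before they reach the executor.

// Drop comments and string literals so "__schema" inside a string argument
// or a comment does not cause a false positive.
function stripIgnored(query: string): string {
  let out = "";
  let i = 0;
  while (i < query.length) {
    if (query.slice(i, i + 3) === '"""') {
      // Block string: ends at the next """ that is not escaped as \""".
      i += 3;
      while (i < query.length && query.slice(i, i + 3) !== '"""') {
        i += query.slice(i, i + 4) === '\\"""' ? 4 : 1;
      }
      i += 3;
      out += " ";
    } else if (query[i] === '"') {
      // Regular string: honour backslash escapes, stop at a line break.
      i += 1;
      while (i < query.length && query[i] !== '"' && query[i] !== "\n") {
        i += query[i] === "\\" ? 2 : 1;
      }
      i += 1;
      out += " ";
    } else if (query[i] === "#") {
      // Comment: runs to the end of the line.
      while (i < query.length && query[i] !== "\n") i += 1;
    } else {
      out += query[i];
      i += 1;
    }
  }
  return out;
}

// True when the document selects __schema or __type; __typename stays allowed.
function usesIntrospection(query: string): boolean {
  const metaField = /(^|[^_0-9A-Za-z])__(schema|type)(?![_0-9A-Za-z])/;
  return metaField.test(stripIgnored(query));
}

// Hypothetical gateway hook: maps a raw JSON request body to an HTTP status.
function screenRequest(body: string): number {
  let parsed: unknown;
  try { parsed = JSON.parse(body); } catch { return 400; }
  const query = (parsed as { query?: unknown } | null)?.query;
  if (typeof query !== "string") return 400; // also rejects batched (array) bodies
  return usesIntrospection(query) ? 403 : 200;
}
```
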

jhonpedro commented 2 years ago

Hello @fmsouza!

Thank you for the explanation, man! I really appreciate it!