For credit card payments you can use the card information only if you business is Full PCI DSS compliant. Otherwise you need to securely collect the card information using Smart Fields.
For recurring payments, first save the card, and then use the card_id to charge the card.
Important: If you are making a payment with credit card information or aGoogle Pay™ token, you need to use the following endpoint:
Card payments with a card_id or token should use the endpoint: https://api.dlocal.com/payments