NEWConduyt v3 is live: native email + SMS campaigns, now with flow-based automation.See what's new →
Documentation · v3.0

Build on Conduyt.
Ship faster.

Guides, API references, and OpenAPI tooling for integrating with Conduyt CRM. Written by the engineers who built it.

Overview

Conduyt's API lets you programmatically manage contacts, deals, pipelines, tasks, and more. Build integrations, automate workflows, and extend your CRM with a REST API that mirrors every action available in the Conduyt web app.

The API uses standard HTTP verbs, returns JSON responses, and authenticates via Bearer tokens. If you can make HTTP requests, you can use Conduyt's API. No SDK required — any language with HTTP support works.

New: Browse all 200+ endpoints interactively in the API Explorer, or download the OpenAPI 3.1 spec to generate client SDKs in any language.

Authentication

All API requests require a Bearer token sent in the Authorization header. Tokens are scoped to a workspace and can be granted read-only, read-write, or admin permissions.

Creating an API Key

  1. Navigate to Settings → API in your Conduyt workspace
  2. Click Generate Key
  3. Choose a scope: read, read-write, or admin
  4. Copy the key immediately; it will only be shown once

All API keys are prefixed with cdy_ for easy identification in logs and config files. API keys support optional expiry dates configured at creation. User-scoped tokens expire after 90 days of inactivity.

Authorization Header
curl https://conduyt.app/api/v1/contacts \
  -H "Authorization: Bearer cdy_your_api_key_here" \
  -H "Content-Type: application/json"

# 200 OK
Security tip: Store your API key in an environment variable (CONDUYT_API_KEY). Never commit keys to version control or expose them in client-side code.

Base URL

All API requests are made to the following base URL:

Base URL
https://conduyt.app/api/v1

All endpoints documented in this guide are relative to this base. For example, the contacts list endpoint is GET https://conduyt.app/api/v1/contacts.

Rate Limits

Rate limits are enforced per API key. The default rate limit is 100 requests per minute, configurable per key at creation up to 10,000 per minute. Security-critical endpoints such as login and password reset are limited to 5 requests per minute regardless of key configuration.

Rate limit information is included in every response via these headers:

HeaderDescription
X-RateLimit-LimitMaximum requests allowed in the current window
X-RateLimit-RemainingRequests remaining in the current window
X-RateLimit-ResetUnix timestamp when the current window resets
Retry-AfterSeconds to wait before retrying (only on 429)

Accounts & Workspaces

Conduyt uses a multi-tenant architecture where all data is scoped to a workspace. Each workspace belongs to an account and is fully isolated: contacts, deals, pipelines, and settings in one workspace are invisible to another.

API keys are workspace-scoped. A single account can have multiple workspaces (e.g., one per department or region), each with its own API keys, pipelines, and team members.

Pagination

All list endpoints return paginated results. Conduyt uses page-based pagination with page and limit query parameters.

Paginated Request
GET /api/v1/contacts?page=2&limit=25

# Response includes pagination metadata
{
  "data": [...],
  "meta": {
    "page": 2,
    "limit": 25,
    "total": 342,
    "totalPages": 14
  }
}
ParameterTypeDefaultDescription
pageinteger1Page number to retrieve
limitinteger50Items per page (max: 100)

Filtering

Most list endpoints support filtering via query parameters. Filters are specific to each resource. See the API Reference for available filters per endpoint.

Common filter patterns:

  • Exact match: ?status=active
  • Search: ?search=sarah (searches across name, email, phone)
  • Date range: ?created_after=2026-01-01&created_before=2026-03-31
  • Relationship: ?assigned_to=uuid

Error Handling

All error responses follow a consistent JSON structure with a stable code enum, a human-readable message, and optional details for validation errors.

Error Response Format
{
  "error": {
    "code": "validation_failed",
    "message": "The request body contains invalid fields.",
    "details": [
      {
        "field": "email",
        "message": "Must be a valid email address"
      }
    ]
  }
}
HTTP StatusCodeMeaning
400invalid_requestMalformed request body or query parameters
401unauthenticatedMissing, invalid, or expired API key
403permission_deniedAPI key lacks the required scope for this action
404not_foundResource does not exist or is not accessible
422validation_failedRequest is well-formed but semantically invalid. Check details array.
429rate_limitedRate limit exceeded. Check Retry-After header.
500internal_errorSomething went wrong on our end. Retry after a moment.
503unavailableService temporarily unavailable. Check status page.

Webhooks

Webhooks let you receive real-time HTTP notifications when events occur in your workspace. Instead of polling the API, register a webhook URL and Conduyt will POST event payloads to it.

Signing & Verification

Every webhook request is signed with HMAC-SHA256 using your workspace's webhook secret. The signature is sent in the X-Conduyt-Signature header. Always verify signatures before processing webhooks.

Signature Verification · Node.js
import crypto from 'crypto';

function verifyWebhook(req, secret) {
  const signature = req.headers['x-conduyt-signature'];
  const computed = crypto
    .createHmac('sha256', secret)
    .update(JSON.stringify(req.body))
    .digest('hex');

  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(computed)
  );
}

Retry Policy

If your endpoint returns a non-2xx status code, Conduyt retries with exponential backoff through the 72-hour retry window. After the final failed attempt, the delivery is marked failed and can be replayed from delivery history.

Available Events

  • contact.created, contact.updated, contact.deleted
  • deal.created, deal.updated, deal.stage_changed
  • task.created, task.completed
  • message.sent, message.received
  • note.created
  • pipeline.updated

See Webhooks API Reference for the full event catalog and payload schemas.

API Resources

Below is a summary of every resource available in the Conduyt API. Each links to its full endpoint documentation in the API Reference.

CRUD + IMPORT

Contacts

Create, read, update, delete contacts. Tag contacts, import from CSV, and perform bulk operations.

CRUD

Companies

Manage companies and link them to contacts. Track company-level data and relationships.

CRUD

Deals

Create and manage deals. Move deals through pipeline stages, assign owners, and track values.

CRUD

Pipelines

Configure pipelines and stages. Define stage order, probabilities, and multi-pipeline workflows.

CRUD

Tasks

Create tasks, assign to team members, set due dates, and mark complete. Link to contacts or deals.

CRUD

Notes

Add notes to contacts and deals. Rich text supported. Notes appear in the activity timeline.

CRUD

Tags

Create and manage tags. Apply tags to contacts for segmentation and filtering.

SEND + LIST

Messages

Send SMS and email messages to contacts. View message history and delivery status.

READ

Conversations

View threaded conversation history for any contact, across SMS and email channels.

CRUD + TRIGGER

Automations

Register n8n webhook triggers, list automations, and fire custom events into your workflows.

CRUD

Calendars

Manage calendars and appointments. Create booking links, schedule meetings, and track availability.

CRUD

Custom Fields

Define custom fields for contacts, deals, and companies. Supports text, phone, email, URL, formatted number, date, dropdown, radio, multi-select, checkbox, and optional URL/email domain rules.

CRUD + TEST

Webhooks

Register webhook endpoints, choose events to subscribe to, and send test payloads for verification.

CRUD + INVITE

Users

List team members, send invitations, update roles, and remove users from the workspace.

MANAGE

Billing

Create checkout sessions, access the billing portal, and check subscription status.

SEARCH

Search

Cross-entity search across contacts, deals, companies, and notes with a single query.

AUDIT

Activities

View the audit trail of all actions taken in the workspace. Filter by entity, user, or action type.

BATCH

Bulk Operations

Batch update, delete, or tag contacts and deals. Process up to 1,000 records per request.

CRUD + PUBLIC

Forms

Lead capture forms and submission tracking. Public submission endpoint auto-creates contacts by email.

CRUD

Products

Product catalog for invoicing. Manage SKUs, pricing, tax settings, and units.

CRUD + PAYMENTS

Invoices

Create, send, and track invoices with line items. Record payments and auto-calculate totals.

MANAGE

Payments

Record and manage payments against invoices. Auto-updates paid amounts and invoice status.

CRUD

Email Templates

Create and manage reusable email templates with merge fields for personalized outreach.

CRUD + ENROLL

Email Sequences

Automated multi-step email sequences. Enroll contacts, track opens, and manage drip campaigns.

CRUD

Calls

Log and track calls with contacts. Filter by direction, status, user, and date range.

CRUD + TRIGGER

Workflows

Advanced workflow automation with triggers, actions, and run history. Activate, deactivate, and monitor executions.

SDKs

Official SDKs are coming soon. In the meantime, any language with HTTP support works — the REST API is fully documented and requires no wrapper library.

Node.js / TypeScript

Coming soon

Python

Coming soon

Quickstart

Go from zero to your first API call in under 5 minutes.

  1. Create an API key

    Go to Settings → API in your Conduyt workspace. Click Generate Key, select read-write scope, and copy the key. It starts with cdy_.

  2. List your contacts

    Make your first API call to fetch contacts from your workspace.

    curl
    curl -s https://conduyt.app/api/v1/contacts?limit=5 \
  -H "Authorization: Bearer cdy_your_api_key" | jq .

# Returns your first 5 contacts with pagination metadata

  3. Create a deal

    Create a new deal in your default pipeline.

    curl
    curl -X POST https://conduyt.app/api/v1/deals \
  -H "Authorization: Bearer cdy_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Northwind Logistics",
    "value": 42000,
    "pipelineId": "pipe_default",
    "stageId": "stage_qualified"
  }'

# Returns the newly created deal object

  4. Set up a webhook

    Subscribe to deal events so you get notified when deals are created or updated.

    curl
    curl -X POST https://conduyt.app/api/v1/webhooks/manage \
  -H "Authorization: Bearer cdy_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://your-app.com/webhooks/conduyt",
    "events": ["deal.created", "deal.stage_changed"],
    "isActive": true
  }'

# Returns the webhook object with your signing secret

  5. Next steps

    You're up and running. Explore the full API Reference for all available endpoints, or download the OpenAPI spec to generate typed clients in your language of choice.

For AI Agents

Conduyt is an AI-native CRM. Every feature is accessible to AI agents via REST API. Three files ship with the platform so AI tools auto-discover capabilities without reading docs.

llms.txt

Served at conduyt.app/llms.txt — a machine-readable discovery file, like robots.txt for AI. Any agent can fetch this to learn what Conduyt does: capabilities, key endpoints, auth requirements, and getting-started steps.

Fetch
curl https://conduyt.app/llms.txt

CLAUDE.md

Project-level instructions for Claude Code (Anthropic's CLI). When a developer opens the Conduyt repo in Claude Code, it automatically reads this file and learns every API entry point, the tech stack, coding standards, and key file paths. Claude can then build workflows, create endpoints, and debug issues with full context.

AGENTS.md

Same content as CLAUDE.md, formatted for Codex (OpenAI's coding agent) and other AI development tools. Identical API instructions ensure every AI assistant — regardless of provider — gets the same context when working on the codebase.

API Catalog

Call GET /api/v1/schema/api-catalog to discover all 370+ endpoints across 30 domains in one machine-readable JSON response. This is the AI agent's front door to the CRM.

curl
curl https://conduyt.app/api/v1/schema/api-catalog \
  -H "Authorization: Bearer cdy_your_api_key" | jq .domains | jq keys

# ["activities", "admin", "apiKeys", "auth", "automations",
#  "billing", "bulk", "calendars", "calls", "companies",
#  "contacts", "conversations", ...]

Scoped API Keys

Control exactly what each AI agent can do with tier-based access:

FeatureDescription
Tiersread, write, admin — method-level enforcement
Domain ScopesRestrict keys to specific domains (e.g., ["contacts", "deals"])
IP AllowlistingCIDR notation — lock a key to specific server IPs
Per-Key Rate LimitsCustom rate limits per key
Self-DiscoveryGET /api/v1/api-keys/check — agents discover their own permissions
AI-first design: Conduyt was built so AI agents are first-class citizens. Name-to-ID resolution means agents say "Sales Pipeline" instead of UUIDs. Stateless validation lets agents check workflow graphs before saving. Dry-run mode tests without side effects. Read llms.txt for the full capability map.

Ready to integrate?

The API Reference documents every endpoint with parameters, response schemas, and curl examples.