Twenty CRM API

Open-source, self-hostable CRM with a GraphQL and REST API for managing contacts, companies, opportunities, and custom objects with a Notion-like flexible data model.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Other twenty crm open-source self-hosted graphql contacts companies deals metadata-api
⚙ Agent Friendliness
71
/ 100
Can an agent use this?
🔒 Security
78
/ 100
Is it safe for agents?
⚡ Reliability
65
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
70
Documentation
72
Error Messages
70
Auth Simplicity
80
Rate Limits
72

🔒 Security

TLS Enforcement
85
Auth Strength
80
Scope Granularity
72
Dep. Hygiene
75
Secret Handling
78

TLS enforcement depends on operator's self-hosted configuration — not guaranteed by default. OAuth2 and API key auth both supported. Open source means full code auditability. GDPR compliant.

⚡ Reliability

Uptime/SLA
65
Version Stability
65
Breaking Changes
60
Error Recovery
70
AF Security Reliability

Best When

An agent deployment requires data sovereignty, on-premise CRM access, or full customization of the CRM data model without SaaS vendor constraints.

Avoid When

You need a production-ready managed CRM with enterprise support SLAs and a mature integration ecosystem out of the box.

Use Cases

  • Building agent workflows against a fully self-hosted CRM with no vendor lock-in or data sovereignty concerns
  • Creating and querying custom CRM objects and fields via the metadata API to model domain-specific data
  • Syncing contacts and companies from external sources using the GraphQL mutations API
  • Querying opportunity pipeline stages to drive agent follow-up and outreach workflows
  • Integrating with agent infrastructure that requires on-premise or private-cloud CRM deployment

Not For

  • Teams that need a fully managed, hosted CRM with no infrastructure responsibility
  • Non-technical buyers who cannot manage a self-hosted deployment or use Twenty Cloud's limited managed tier
  • Enterprises needing mature ecosystem integrations like Salesforce AppExchange equivalents

Interface

REST API
Yes
GraphQL
Yes
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
Yes

Authentication

Methods: api_key oauth2
OAuth: Yes Scopes: Yes

API key for server-to-server agent use. OAuth2 for user-facing flows. Keys generated from Twenty workspace settings. GraphQL endpoint uses Bearer token auth.

Pricing

Model: open_source
Free tier: Yes
Requires CC: No

Open source under MIT license — self-hosting is free with no API call limits. Twenty Cloud managed tier available for teams that don't want to self-host.

Agent Metadata

Pagination
cursor
Idempotent
Partial
Retry Guidance
Not documented

Known Gotchas

  • MCP server is early-stage and self-hosted — agents using it must manage the MCP server lifecycle as part of their infrastructure
  • The metadata API (for creating/modifying custom objects and fields) is a separate API surface from the data API — agents need to understand the two-layer architecture
  • Self-hosted performance and uptime are entirely operator-dependent — SLA guarantees require your own infrastructure investment
  • GraphQL schema introspection is available but custom objects added via metadata API require a schema refresh cycle before they appear
  • Twenty is rapidly evolving; self-hosted deployments may fall behind cloud versions and breaking changes in minor versions are possible during early releases

Alternatives

hubspot-crm-api salesforce-api attio-api folk-api affinity-api

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Twenty CRM API.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5178
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered