> ## Documentation Index > Fetch the complete documentation index at: https://docs.getbifrost.ai/llms.txt > Use this file to discover all available pages before exploring further. # Authorization Server Metadata (RFC 8414) > Returns the OAuth 2.0 Authorization Server Metadata document per RFC 8414. After fetching the Protected Resource Metadata, MCP clients fetch this endpoint to discover Bifrost's OAuth endpoints (register, authorize, token) and capabilities (PKCE methods, grant types, etc.). Returns `404` when no MCP clients are configured with `auth_type: per_user_oauth`. ## OpenAPI ````yaml /openapi/openapi.json get /.well-known/oauth-authorization-server openapi: 3.1.0 info: title: Bifrost API description: > Bifrost HTTP Transport API for AI model inference and gateway management. This API provides a unified interface for interacting with multiple AI providers including OpenAI, Anthropic, Bedrock, Gemini, and more through a single API, along with comprehensive management APIs for configuring and monitoring the gateway. ## API Structure ### Unified Inference API (`/v1/*`) The primary API using Bifrost's unified format. Model parameters use the format `provider/model` (e.g., `openai/gpt-4`, `anthropic/claude-3-opus`). ### Async Inference API (`/v1/async/*`) Submit inference requests for asynchronous execution. Returns a job ID immediately and allows polling for results. Supports all inference types except batches, files, and containers. ### Provider Integration APIs Native provider-format APIs for drop-in compatibility: - `/openai/*` - OpenAI-compatible API - `/anthropic/*` - Anthropic-compatible API - `/genai/*` - Google GenAI (Gemini) compatible API - `/bedrock/*` - AWS Bedrock compatible API - `/cohere/*` - Cohere compatible API ### Framework Integration APIs Multi-provider proxy endpoints for AI frameworks: - `/litellm/*` - LiteLLM proxy with all provider formats - `/langchain/*` - LangChain compatible endpoints - `/pydanticai/*` - PydanticAI compatible endpoints ### Management APIs (`/api/*`) APIs for managing and monitoring the Bifrost gateway: - `/api/config` - Configuration management - `/api/providers` - Provider and API key management - `/api/plugins` - Plugin management - `/api/governance/*` - Virtual keys, teams, customers, budgets, rate limits, routing rules, and pricing overrides - `/api/logs` - Log search and analytics - `/api/mcp/*` - MCP (Model Context Protocol) client management - `/api/session/*` - Authentication and session management - `/api/cache/*` - Cache management - `/health` - Health check endpoint ## Fallbacks Requests can include fallback models that will be tried if the primary model fails. version: 1.0.0 contact: name: Contact Us url: https://getmaxim.ai/bifrost license: name: Apache 2.0 url: https://opensource.org/licenses/Apache-2.0 servers: - url: '{baseUrl}' description: Your Bifrost instance variables: baseUrl: default: http://localhost:8080 description: Base URL of your Bifrost instance (e.g. https://bifrost.mycompany.com) security: - BearerAuth: [] - BasicAuth: [] - ApiKeyAuth: [] tags: - name: Models description: Model listing and information - name: Chat Completions description: Chat-based text generation - name: Text Completions description: Text completion generation - name: Responses description: OpenAI Responses API compatible endpoints - name: OCR description: Optical character recognition for documents and images - name: Rerank description: Document reranking by relevance to a query - name: Embeddings description: Text embedding generation - name: Images description: Image generations, editing, and variations - name: Videos description: Video generation and management - name: Audio description: Speech synthesis and transcription - name: Count Tokens description: Token counting utilities - name: Batch description: Batch processing operations - name: Files description: File management operations - name: Containers description: Container management operations - name: Async Jobs description: Asynchronous job submission and retrieval endpoints - name: OpenAI Integration description: OpenAI-compatible API endpoints (/openai/*) - name: Azure Integration description: Azure OpenAI integration endpoints - name: Anthropic Integration description: Anthropic-compatible API endpoints (/anthropic/*) - name: GenAI Integration description: Google GenAI (Gemini) compatible API endpoints (/genai/*) - name: Bedrock Integration description: AWS Bedrock compatible API endpoints (/bedrock/*) - name: Cohere Integration description: Cohere compatible API endpoints (/cohere/*) - name: LiteLLM Integration description: LiteLLM proxy endpoints with multi-provider support (/litellm/*) - name: LangChain Integration description: LangChain compatible endpoints with multi-provider support (/langchain/*) - name: PydanticAI Integration description: >- PydanticAI compatible endpoints with multi-provider support (/pydanticai/*) - name: Health description: Health check endpoints - name: Configuration description: Configuration management endpoints - name: Session description: Session and authentication endpoints - name: Providers description: Provider management endpoints - name: Plugins description: Plugin management endpoints - name: MCP description: Model Context Protocol endpoints - name: Governance description: Virtual keys, teams, and customers management - name: Logging description: Log search and management endpoints - name: Cache description: Cache management endpoints paths: /.well-known/oauth-authorization-server: get: tags: - OAuth - Per-User OAuth summary: Authorization Server Metadata (RFC 8414) description: > Returns the OAuth 2.0 Authorization Server Metadata document per RFC 8414. After fetching the Protected Resource Metadata, MCP clients fetch this endpoint to discover Bifrost's OAuth endpoints (register, authorize, token) and capabilities (PKCE methods, grant types, etc.). Returns `404` when no MCP clients are configured with `auth_type: per_user_oauth`. operationId: getOAuthAuthorizationServerMetadata responses: '200': description: Authorization server metadata content: application/json: schema: type: object description: > OAuth 2.0 Authorization Server Metadata per RFC 8414. Returned by /.well-known/oauth-authorization-server to let MCP clients discover Bifrost's OAuth endpoints and capabilities. properties: issuer: type: string description: Authorization server issuer URL (Bifrost base URL) example: https://your-bifrost-domain.com authorization_endpoint: type: string description: Authorization endpoint URL example: >- https://your-bifrost-domain.com/api/oauth/per-user/authorize token_endpoint: type: string description: Token endpoint URL example: https://your-bifrost-domain.com/api/oauth/per-user/token registration_endpoint: type: string description: Dynamic client registration endpoint URL example: >- https://your-bifrost-domain.com/api/oauth/per-user/register response_types_supported: type: array items: type: string example: - code grant_types_supported: type: array items: type: string example: - authorization_code code_challenge_methods_supported: type: array items: type: string description: Supported PKCE methods (only S256) example: - S256 token_endpoint_auth_methods_supported: type: array items: type: string description: >- Supported token endpoint auth methods (public clients only) example: - none scopes_supported: type: array items: type: string example: - mcp:read - mcp:write example: issuer: https://your-bifrost-domain.com authorization_endpoint: https://your-bifrost-domain.com/api/oauth/per-user/authorize token_endpoint: https://your-bifrost-domain.com/api/oauth/per-user/token registration_endpoint: https://your-bifrost-domain.com/api/oauth/per-user/register response_types_supported: - code grant_types_supported: - authorization_code code_challenge_methods_supported: - S256 token_endpoint_auth_methods_supported: - none scopes_supported: - mcp:read - mcp:write '404': description: No per-user OAuth MCP clients configured content: text/plain: schema: type: string components: securitySchemes: BearerAuth: type: http scheme: bearer description: > Bearer token authentication. Use your provider API key or Bifrost authentication token. Virtual keys (prefixed with `sk-bf-`) can also be passed here. BasicAuth: type: http scheme: basic description: | Basic authentication using username and password. ApiKeyAuth: type: apiKey in: header name: x-api-key description: | API key authentication via the `x-api-key` header. Virtual keys (prefixed with `sk-bf-`) can also be passed here. ````