Skip to main content
The governance block lets you seed all governance resources directly in config.json. On startup, Bifrost loads these into the configuration store. This is the recommended approach for GitOps workflows where governance state is managed as code.
In default split mode, file-backed governance resources seed or update the DB by hash while unrelated DB-only resources are preserved. With source_of_truth: "config.json", only governance sub-sections that are explicitly present in the file are authoritative. Omit a sub-section to leave DB-managed rows alone; set it to an empty array only when you intend to remove stored rows for that sub-section. See Source of Truth & Reconciliation.
Governance enforcement is always active in OSS - you do not need a plugin entry to enable it. To require a virtual key on every inference request, set client.enforce_auth_on_inference: true. This is the global default, but a more specific inference-auth flag such as governance.auth_config.disable_auth_on_inference overrides it; if no specific override is set, client.enforce_auth_on_inference applies.

Admin Authentication

Protect the Bifrost dashboard and management API with username/password auth:

Virtual Keys

Virtual keys are issued to clients and act as scoped API tokens. Each key specifies which providers, models, and API keys the bearer is allowed to use.

Virtual Key Fields

Provider Config Fields


Budgets

Budgets cap cumulative spend (in USD) for a virtual key or provider config over a rolling window:

Rate Limits

Rate limits cap requests or tokens over a rolling window:
Attach a rate limit to a virtual key via virtual_keys[].rate_limit_id, or to a provider config via virtual_keys[].provider_configs[].rate_limit_id.

Model Limits

governance.model_configs applies budgets and rate limits keyed on a model name, an optional provider, and a scope. This is the same data the Budget & Limits → Model Limits UI manages.

Routing Rules

Routing rules dynamically select the provider and model for each request based on a CEL expression. They are evaluated in priority order before the request is dispatched.

Rule Fields

Target Fields


Customers & Teams

Define organizational entities and attach budgets or rate limits to them:

Full Governance Example