Bifrost Enterprise builds on the open-source Bifrost AI Gateway with the reliability, security, and governance capabilities required to run AI in production at organizational scale. Every OSS feature ships in Enterprise - plus high-availability clustering, predictive load balancing, identity federation, role-based access control, audit-grade compliance logging, and private-network deployment options.Documentation Index
Fetch the complete documentation index at: https://docs.getbifrost.ai/llms.txt
Use this file to discover all available pages before exploring further.
Built on open source
Bifrost Enterprise is a strict superset of the open-source gateway. Every provider, integration, plugin, and SDK supported in OSS works identically in Enterprise - no migration, no re-integration, sameconfig.json schema. Enterprise adds the capabilities organizations need at scale.
Try Enterprise free
Start a 14-day free trial of Bifrost Enterprise - no credit card required.
Book a demo
Walk through Enterprise capabilities with a Bifrost engineer.
Reliability & scale
Clustering
High-availability clustering with automatic service discovery, gossip-based state sync, gRPC counter sync, and zero-downtime rolling deployments.
Adaptive Load Balancing
Predictive scaling with real-time provider health monitoring; traffic shifts automatically to the fastest available upstream.
Governance & access control
Advanced Governance
Hierarchical policy enforcement across teams, customers, and business units with access profiles and budgets.
Role-Based Access Control
Fine-grained permissions with custom roles controlling access across every Bifrost resource.
User Provisioning (SCIM)
Directory-based user and group sync for automated lifecycle management with token-driven group restriction.
Identity providers (SSO)
Okta
OIDC + SCIM integration with Okta as your identity provider.
Microsoft Entra
Azure AD / Entra ID with GCC High and DoD cloud support.
Keycloak
Self-hosted identity with full SCIM and OIDC support.
Zitadel
Cloud-native identity with first-class user grants and project mapping.
Google Workspace
Workspace directory federation with Application Default Credentials inheritance.
Security & compliance
Guardrails
Content safety with AWS Bedrock Guardrails, Azure Content Safety, GraySwan, and Patronus AI for runtime protection.
Audit Logs
Immutable audit trails for SOC 2, GDPR, HIPAA, and ISO 27001 compliance.
Security Posture
Encryption at rest and in transit, vulnerability scanning, dependency management, and secure defaults.
Operations & extensibility
MCP with Federated Auth
Transform existing enterprise APIs into MCP tools using federated authentication - no glue code required.
Custom Plugins
Tailored plugin development for organization-specific AI workflows and business logic.
Log Exports
Automated export of request logs and telemetry to S3, GCS, BigQuery, and other data lakes.
Datadog Connector
Native Datadog APM, LLM Observability, and metrics integration with full request tracing.
Deployment options
In-VPC Deployments
Deploy entirely within your private cloud with no traffic crossing public network boundaries.
Deployment Overview
Compare deployment options, authentication methods, and security trade-offs across clouds.
AWS
Deploy on EKS or ECS with IRSA / IAM Task Roles for cloud-native authentication.
GCP
Deploy on GKE with Workload Identity for keyless service account access.
Azure
Deploy on AKS with Azure Workload Identity Federation.
On-Premise
Air-gapped or self-hosted deployments with Docker credentials.