> ## Documentation Index > Fetch the complete documentation index at: https://docs.getbifrost.ai/llms.txt > Use this file to discover all available pages before exploring further. # Bifrost Enterprise Gateway > Production-grade AI gateway for organizations running mission-critical AI workloads. Built on top of open-source Bifrost with high-availability clustering, fine-grained governance, audit-grade compliance, and managed deployment options. Bifrost Enterprise builds on the open-source [Bifrost AI Gateway](/overview) with the reliability, security, and governance capabilities required to run AI in production at organizational scale. Every OSS feature ships in Enterprise - plus high-availability clustering, predictive load balancing, identity federation, role-based access control, audit-grade compliance logging, and private-network deployment options. Bifrost Enterprise architecture

## Built on open source Bifrost Enterprise is a strict superset of the [open-source gateway](/overview). Every provider, integration, plugin, and SDK supported in OSS works identically in Enterprise - no migration, no re-integration, same `config.json` schema. Enterprise adds the capabilities organizations need at scale. Start a 14-day free trial of Bifrost Enterprise - no credit card required. Walk through Enterprise capabilities with a Bifrost engineer. *** ## Reliability & scale High-availability clustering with automatic service discovery, gossip-based state sync, gRPC counter sync, and zero-downtime rolling deployments. Predictive scaling with real-time provider health monitoring; traffic shifts automatically to the fastest available upstream. *** ## Governance & access control Hierarchical policy enforcement across teams, customers, and business units with access profiles and budgets. Fine-grained permissions with custom roles controlling access across every Bifrost resource. Directory-based user and group sync for automated lifecycle management with token-driven group restriction. ### Identity providers (SSO) OIDC + SCIM integration with Okta as your identity provider. Azure AD / Entra ID with GCC High and DoD cloud support. Self-hosted identity with full SCIM and OIDC support. Cloud-native identity with first-class user grants and project mapping. Workspace directory federation with Application Default Credentials inheritance. *** ## Security & compliance Content safety with AWS Bedrock Guardrails, Azure Content Safety, GraySwan, and Patronus AI for runtime protection. Immutable audit trails for SOC 2, GDPR, HIPAA, and ISO 27001 compliance. Encryption at rest and in transit, vulnerability scanning, dependency management, and secure defaults. *** ## Operations & extensibility Transform existing enterprise APIs into MCP tools using federated authentication - no glue code required. Tailored plugin development for organization-specific AI workflows and business logic. Automated export of request logs and telemetry to S3, GCS, BigQuery, and other data lakes. Native Datadog APM, LLM Observability, and metrics integration with full request tracing. *** ## Deployment options Deploy entirely within your private cloud with no traffic crossing public network boundaries. Compare deployment options, authentication methods, and security trade-offs across clouds. Deploy on EKS or ECS with IRSA / IAM Task Roles for cloud-native authentication. Deploy on GKE with Workload Identity for keyless service account access. Deploy on AKS with Azure Workload Identity Federation. Air-gapped or self-hosted deployments with Docker credentials.