Replace the env-based `BuildProviders` with a DB-backed loader. The database is now the single source of truth for runtime provider configuration; env config arrives via `SeedAIProvidersFromEnv` (run at boot) and `BuildProviders` reads it back as `aibridge.Provider` instances. `cli/server.go` and `enterprise/cli/server.go` both call the same path, so aibridged and aibridgeproxyd see the same provider set.
Per-provider `DumpDir` is replaced by a top-level `CODER_AI_GATEWAY_DUMP_DIR` base; each provider's effective dump path is `<base>/<provider name>`.
Adds options matching new AI Gateway naming.
New options are added as alias for old options. Old options are still
working.
Old options have deprecated message.
No conflict detection was added.
Updated documentation so it mentions only new options. Added note about
old options still working.
> Various AI tools where used to create this PR
The Authentication and BYOK docs are now part of their own section above
the Clients subsection. The original PR, coder/coder#25459, was based on
a ticket I generated to calculate the drift, but the contents of the
Linear ticket were geared more toward documenting _everything_ in the
code, which had too much scope and was confusing.
Fixes DOCS-148
<!--
If you have used AI to produce some or all of this PR, please ensure you
have read our [AI Contribution
guidelines](https://coder.com/docs/about/contributing/AI_CONTRIBUTING)
before submitting.
-->
The Claude Code and Codex CLI registry modules expose the variable as
`enable_ai_gateway`, not `enable_aibridge`. Templates using the docs as
written fail Terraform init with `An argument named "enable_aibridge" is
not expected here.`
Verified in
[`registry/coder/modules/claude-code/main.tf`](https://github.com/coder/registry/blob/main/registry/coder/modules/claude-code/main.tf)
and
[`registry/coder-labs/modules/codex/main.tf`](https://github.com/coder/registry/blob/main/registry/coder-labs/modules/codex/main.tf),
where the variable is declared as `enable_ai_gateway` and gates the
`ANTHROPIC_BASE_URL` / `ANTHROPIC_AUTH_TOKEN` injection.
_Generated with the help of Coder Agents._
## Summary
Replace the "Premium" label with "AI Governance Add-On" and add a
disclaimer that the AI Governance Add-On is required for AI Gateway and
Agent Firewall as of Coder v2.32, across all AI Governance doc pages and
their children.
## Changes
**Label and requirement updates (7 files):**
- `docs/ai-coder/ai-governance.md`: Removed "(Premium)" from title;
updated GA section to state add-on required as of v2.32.
- `docs/ai-coder/ai-gateway/setup.md`: "Premium license" → "AI
Governance Add-On license".
- `docs/ai-coder/ai-gateway/ai-gateway-proxy/setup.md`: "Premium
license" → "AI Governance Add-On".
- `docs/ai-coder/ai-gateway/clients/claude-code.md`: "(Premium feature)"
→ "(AI Governance Add-On)".
- `docs/manifest.json`: `"state": ["premium"]` → `"state": ["ai
governance add-on"]` for 4 nav entries.
**Disclaimer added to all child pages (26 files):**
AI Gateway pages (18):
`index.md`, `setup.md`, `audit.md`, `monitoring.md`, `mcp.md`,
`reference.md`, `ai-gateway-proxy/index.md`,
`ai-gateway-proxy/setup.md`, `clients/index.md`,
`clients/claude-code.md`, `clients/codex.md`, `clients/mux.md`,
`clients/opencode.md`, `clients/factory.md`, `clients/cline.md`,
`clients/kilo-code.md`, `clients/roo-code.md`, `clients/vscode.md`,
`clients/jetbrains.md`, `clients/zed.md`, `clients/copilot.md`
Agent Firewall pages (8):
`index.md`, `version.md`, `landjail.md`, `rules-engine.md`,
`nsjail/index.md`, `nsjail/docker.md`, `nsjail/k8s.md`, `nsjail/ecs.md`
Other: `security.md`
> [!NOTE]
> The `"ai governance add-on"` state value in `manifest.json` is new.
The docs site renderer may need to be updated to support this state
value.
> Generated by Coder Agents
> AI tools where used when creating this PR
This PR removes environment variable parsing from `/aibridge` directory.
Added env variables/flags for dump dir as coder options.
Only added to new indexed provider options
(`CODER_AIBRIDGE_PROVIDER_<N>_*`) not to deprecated legacy env variables
(`CODER_AIBRIDGE_ANTHROPIC_*` and `CODER_AIBRIDGE_OPENAI_KEY_*`).
Reverted adding `MaxRetries` option as it will be removed soon due to
key failover work:
https://github.com/coder/coder/pull/24783#discussion_r3155544808
> AI tools where used when creating this PR
This PR:
* removes references to aibridge repository from coder docs
* updates aibdrige/README.md
* makes it clear aibridge (keeping old name) is a handler not a separate
process
* updates outdated sections about: metrics, recorded interface and
supported paths.
---------
Co-authored-by: Susana Ferreira <susana@coder.com>
The deprecation notice on the [MCP Tools
Injection](https://coder.com/docs/ai-coder/ai-gateway/mcp) page
currently states the feature "will be removed in a future release,"
which may cause concern for users relying on it today.
This updates the warning to clarify that the feature will remain
functional and will not be removed until its replacement, MCP Gateway,
is released.
> [!NOTE]
> Generated by Coder Agents
---------
Co-authored-by: david-fraley <67079030+david-fraley@users.noreply.github.com>
> This PR was authored by Mux on behalf of Mike.
Adds AWS Bedrock ambient credential support to the Agents provider path.
Bedrock providers can now be saved without a stored API key and
authenticated via the standard AWS SDK credential chain on the Coder
server (IAM roles, `AWS_ACCESS_KEY_ID`, etc.). Also fixes missing `Base
URL` forwarding for Bedrock.
## Changes
**Backend runtime** (`coderd/x/chatd/chatprovider/chatprovider.go`):
- New `ProviderAllowsAmbientCredentials(provider)` helper. Currently
returns true only for Bedrock.
- `ModelFromConfig` no longer errors on an empty API key when the
provider is in the ambient-allowed set AND was explicitly resolved via
`ByProvider`. This preserves the policy gate: unresolvable providers
(disabled central key, user-key-required without a user key) still
error.
- `setResolvedProviderAPIKey` internalizes the ambient-credentials
contract via `ProviderAllowsAmbientCredentials`, so a
resolved-but-keyless Bedrock provider is represented as an empty
`ByProvider` entry rather than a post-hoc sentinel patch in the caller.
- `WithAPIKey` is only appended when a token is present.
- `WithBaseURL(baseURL)` is now forwarded for Bedrock (was previously
missing).
**Backend admin API** (`coderd/exp_chats.go`):
- `validateChatProviderCentralAPIKey` exempts Bedrock from requiring a
stored API key when central credentials are enabled.
- AI Gateway separation (`ChatProviderAPIKeysFromDeploymentValues`) is
unchanged. No silent reuse of `CODER_AIBRIDGE_BEDROCK_*` flags.
**Frontend**
(`site/src/pages/AgentsPage/components/ChatModelAdminPanel/*`):
- API Key field is optional for Bedrock when central credentials are
enabled.
- Bedrock-specific descriptions on API Key and Base URL fields
(bearer-token vs ambient modes, `AWS_REGION` guidance).
- Right-aligned "Clear stored token" action switches an existing Bedrock
provider back to ambient mode.
- `hasEffectiveAPIKey` treats Bedrock with central credentials enabled
as configured, so the provider list shows the correct status icon.
- Three new stories: `ProviderFormBedrockAmbientCredentials`,
`ProviderFormBedrockBearerToken`, `ProviderFormBedrockClearBearerToken`.
**Docs** (`docs/ai-coder/agents/models.md`,
`docs/ai-coder/ai-gateway/setup.md`):
- New "Configuring AWS Bedrock" section covering both credential modes,
region resolution, and the Base URL override.
- Explicit note that the `us-east-1` region fallback only applies to
bearer-token mode; ambient credentials require a region from the
standard AWS SDK chain.
- Cross-reference in AI Gateway docs clarifying that
`CODER_AIBRIDGE_BEDROCK_*` flags are a separate configuration path from
Agents.
## Not in scope
- Reusing AI Gateway Bedrock flags as an implicit Agents fallback.
- Per-provider AWS access key, secret, or region fields (would need a
migration and audit-table review).
- IMDS or network-backed credential probes in admin/listing request
paths.
## Related
Dogfood deployment integration:
https://github.com/coder/dogfood/pull/324
## Description
Makes AWS Bedrock credentials optional. When `AccessKey` and
`AccessKeySecret` are not set, AI Bridge falls back to the AWS SDK
default credential chain, which supports IAM Roles (instance profiles,
IRSA, ECS task roles), SSO, shared credentials files, and environment
variables.
This allows AI Bridge to authenticate with AWS Bedrock using:
- Permanent credentials (access key + secret) as before
- IAM Roles, shared config files, environment variables, SSO, etc, via
the SDK default credential chain
Depends on: https://github.com/coder/aibridge/pull/265
Related to: https://github.com/coder/aibridge/issues/144
Related to: https://linear.app/codercom/issue/AIGOV-67
_Disclaimer: initially produced by Claude Opus 4.6, modified and
reviewed by @ssncferreira ._
## Summary
Adds `--ai-gateway-allow-byok` deployment option to control whether
users can use Bring Your Own Key (BYOK) mode with AI Gateway.
When disabled (`--ai-gateway-allow-byok=false`), BYOK requests are
rejected with a 403 and a message directing the admin to enable the
flag. Centralized key authentication works regardless of this setting.
Defaults to `true` (BYOK allowed).
---------
Co-authored-by: Danny Kopping <danny@coder.com>
## Summary
Follows up on https://github.com/coder/coder/pull/24032
Adds a BYOK compatibility table to the AI Gateway client configuration
page, showing which clients support personal API keys and provider
subscriptions through AI Gateway.
We can simplify by merging related columns:
- Personal API Key (OpenAI) and Personal API Key (Anthropic) → Personal
API Key
- ChatGPT Subscription and Claude Subscription → Subscription (Claude
Pro/Max, ChatGPT Plus/Pro)
`NOTE`: This is displayed immediately after the existing Compatibility
table.
<img width="864" height="474" alt="image"
src="https://github.com/user-attachments/assets/644c5a7c-a9fe-454c-9112-3e3db268afc8"
/>
_Disclaimer: produced mostly by Claude Opus 4.6 following detailed
planning._
## Summary
- Support multiple instances of the same AI Bridge provider type via
indexed env vars (`CODER_AIBRIDGE_PROVIDER_<N>_<KEY>`), following the
`CODER_EXTERNAL_AUTH_<N>_<KEY>` pattern
- Existing single-provider env vars (`CODER_AIBRIDGE_OPENAI_KEY`, etc.)
continue to work unchanged
- Setting both a legacy env var and an indexed provider with the same
name errors at startup to prevent silent misconfiguration
- Mark legacy provider fields (`OpenAI`, `Anthropic`, `Bedrock`) as
deprecated in `AIBridgeConfig` in favor of `Providers`
## Example
```sh
CODER_AIBRIDGE_PROVIDER_0_TYPE=anthropic
CODER_AIBRIDGE_PROVIDER_0_NAME=anthropic-corp
CODER_AIBRIDGE_PROVIDER_0_KEY=sk-ant-corp-xxx
CODER_AIBRIDGE_PROVIDER_0_BASE_URL=https://llm-proxy.internal.example.com/anthropic
CODER_AIBRIDGE_PROVIDER_1_TYPE=anthropic
CODER_AIBRIDGE_PROVIDER_1_NAME=anthropic-direct
CODER_AIBRIDGE_PROVIDER_1_KEY=sk-ant-direct-yyy
```
Each instance is routed by name:
- /api/v2/aibridge/**anthropic-corp**/v1/messages
- /api/v2/aibridge/**anthropic-direct**/v1/messages
Closes
[AIGOV-157](https://linear.app/codercom/issue/AIGOV-157/spike-to-understand-if-there-is-a-simple-way-to-handle-multi-api-key)
---------
Signed-off-by: Danny Kopping <danny@coder.com>
## Summary
Follows up on https://github.com/coder/coder/pull/24032
Renames "Coder session token" to "Coder API token" in AI Gateway client
documentation pages.
Also renames the `CODER_SESSION_TOKEN` env var to `CODER_API_TOKEN` in
Codex CLI examples and Copilot proxy configuration.
Note: "Coder session token" is still used in some parts of the
documentation where it make sense.
---------
Co-authored-by: Susana Ferreira <susana@coder.com>
## Summary
Adds BYOK (Personal API Key) documentation for OpenCode.
## BYOK support
| Client | Personal API Key | ChatGPT Subscription | Claude Subscription
|
|--------------|------------------|----------------------|---------------------|
| Codex CLI | ✅ | ✅ | - |
| Claude Code | ✅ | - | ✅ |
| Mux | ? | ? | ? |
| OpenCode | ✅ | ❌ | ❌ |
| Factory | ✅ | ❌ | ❌ |
| Cline | ✅ Only OpenAI API | ❌ | ❌ |
| KiloCode | ❌ (client-side bug) | ❌ | ❌ |
| RooCode | ✅ Only OpenAI API | ❌ | ❌ |
| VSCode | ❌ | ❌ | ❌ |
| JetBrains | ❌ | ❌ | ❌ |
| Zed | ❌ | ❌ | ❌ |
| Copilot CLI | ? | ? | ? |
<details>
<summary>Why OpenCode doesn't support subscriptions through AI
Bridge</summary>
**ChatGPT subscription**: OpenCode's codex plugin [hardcodes the
upstream
URL](https://github.com/anomalyco/opencode/blob/3a0e00dd7f9192730f6d0eeee37ae0a5fb023927/packages/opencode/src/plugin/codex.ts#L458-L460)
to `https://chatgpt.com/backend-api/codex/responses` inside a custom
`fetch`, bypassing any configured `baseURL`.
**Claude subscription**: Anthropic [no longer
supports](https://www.reddit.com/r/ClaudeAI/comments/1r9hqdk/claude_subscriptions_will_no_longer_be_usable_in/)
using subscriptions in third-party clients.
</details>
## Notes
- Anthropic forbids Claude subscription in all 3rd-party clients
- OpenCode supports ChatGPT subscription, but there is no way to
customize BaseURL
- Does it make sense to investigate Mux?
- Factory doesn't support ChatGPT subscription
- Cline supports ChatGPT subscription, but there is no way to customize
BaseURL
- KiloCode supports CustomHeaders, but I wasn't able to make it work
neither for centralized key nor for BYOK. Seems support for custom
providers has bugs. I got different errors for different models, this
one is common:
`Unsupported parameter: 'max_tokens' is not supported with this model.
Use 'max_completion_tokens' instead.` Seems should be fixed on KiloCode
side.
- RooCode and Cline support only OpenAI. They have special
OpenAI-Compatible provider which allows adding custom headers.
- VSCode (NativeChat) uses github copilot under the hood. I wasn't able
to make it work, neither in VSCode nor in VSCode-Insiders on my MacOS. I
used VSCode-Insiders Version: 1.116.0-insider (Universal). I got
different errors. When I used Github Copilot Chat (stable release - it
ignored my AI Gateway configuration), when I tried to install Github
Copilot Chat pre-release it failed with
`~/.vscode-insiders/extensions/github.copilot-chat-0.43.2026040705`
- JetBrains (embedded AI assistant). OpenAI Compatible provider doesn't
support custom headers. Also I got some errors even for centralized key
setup.
- Zed doesn't support custom headers
- Copilot CLI is special, because it's only supported via gateway proxy.
But it also means that we don't need support of custom headers, because
`X-AI-Gov-Token` is set by proxy itself. So if BYOK is supported in
CopilotCLI - it should be supported for CopilotCLI via Bridge and
BridgeProxy.
## Questions
- Do we want to explicitly state that Claude Max/Pro or ChatGPT Plus/Pro
subscriptions aren’t supported by OpenCode via AIBridge? I initially
avoided mentioning it since this could change over time, and keeping
that information up to date across clients might be difficult.
Documents the private/reserved IP range restrictions added to AI Gateway
Proxy:
- **Restricting proxy access**: Updated to reflect that private/reserved
IP ranges are now blocked by default, with atomic IP validation to
prevent DNS rebinding. Documents the Coder access URL exemption and the
`CODER_AIBRIDGE_PROXY_ALLOWED_PRIVATE_CIDRS` option.
- **Upstream proxy**: Added a note on the DNS rebinding limitation when
an upstream proxy is configured, and that upstream proxies should
enforce their own restrictions.
> [!NOTE]
> Initially generated by Coder Agents, modified and reviewed by
@ssncferreira
Follow-up: #23109
Danny Kopping