docs: update provider configuration documentation and UI references

[Pratham-Mishra04]

Summary

Updated documentation for provider configuration with improved UI screenshots and clearer instructions. Fixed auth middleware initialization to handle missing config store gracefully.

Changes

• Updated documentation links in README.md to point to the correct development setup guide
• Refreshed UI screenshots to match the latest interface design
• Reorganized provider configuration documentation with clearer navigation paths
• Added new sections for custom base URL and raw request configuration
• Improved explanation of header management (static vs dynamic headers)
• Fixed auth middleware initialization to prevent crashes when config store is missing

Type of change

• Bug fix
• Feature
• Refactor
• Documentation
• Chore/CI

Affected areas

• Core (Go)
• Transports (HTTP)
• Providers/Integrations
• Plugins
• UI (Next.js)
• Docs

How to test

Verify the documentation updates match the current UI:

# Start Bifrost
go run cmd/bifrost/main.go

# Navigate to http://localhost:8080 and compare UI with documentation

Test the auth middleware fix:

# Run Bifrost without a config store
go run cmd/bifrost/main.go --no-config-store

# Verify it starts without crashing

Screenshots/Recordings

Updated screenshots are included in the PR for the provider configuration UI.

Breaking changes

• Yes
• No

Related issues

Fixes initialization error when running without a config store.

Security considerations

Improved documentation around header security and the header denylist implementation.

Checklist

• I read docs/contributing/README.md and followed the guidelines
• I added/updated tests where appropriate
• I updated documentation where needed
• I verified builds succeed (Go and UI)
• I verified the CI pipeline passes locally if applicable

[Pratham-Mishra04]

• docs: update provider configuration documentation and UI references #1263 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[github-actions]

🧪 Test Suite Available

This PR can be tested by a repository admin.

Run tests for PR #1263

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

Release Notes

• Documentation

  • Completely revamped provider configuration documentation with updated navigation paths and improved terminology
  • Enhanced header configuration guidance with separate static and dynamic header sections
  • Added Send Back Raw Request feature documentation for comprehensive debugging

• New Features

  • Introduced Send Back Raw Request capability to expose original provider requests for end-to-end debugging

_{✏️ Tip: You can customize this high-level summary in your review settings.}

Walkthrough

The PR updates provider configuration documentation for both gateway and Go SDK, refactoring UI navigation paths to use "Model Providers" terminology and reorganizing sections for custom headers, raw request/response handling, and base URL configuration. The HTTP server's auth middleware initialization is guarded to depend on ConfigStore availability and enterprise context.

Changes

Cohort / File(s)	Summary
Documentation – Provider Configuration Updates docs/quickstart/gateway/provider-configuration.mdx, docs/quickstart/go-sdk/provider-configuration.mdx	Restructured provider configuration sections: renamed "Custom Network Settings" to "Custom Base URL", reorganized header handling into static (provider-level) and dynamic (per-request) subsections, added "Send Back Raw Request" section alongside existing raw response documentation. Updated all navigation paths to reflect new "Model Providers" UI terminology and adjusted JSON payload structures (e.g., network_config.base_url, extra_headers). Minor method signature change in Go SDK example: added context.Context parameter to GetConfigForProvider(); added RawRequest field to example response struct.
Documentation – README README.md	Updated Development Setup Guide link in Contributing section from /contributing/building-a-plugins to /contributing/setting-up-repo#development-environment-setup.
Server – Auth Middleware transports/bifrost-http/server/server.go	Added conditional guards for auth middleware initialization: skip when ConfigStore is nil; only wire middleware to both API and inference routes when ConfigStore is present and context is non-enterprise. Prevents nil-pointer usage and makes auth middleware optional.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 Whiskers twitch with delight so true,
Provider configs dressed in paths anew!
Raw requests gleaming, headers align,
Middleware guards keep the flow divine,
A hoppy refactor through docs so fine! 🌟

Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main changes in the PR: updates to provider configuration documentation and UI references. It is concise and directly reflects the primary documentation and configuration changes across multiple files.
Description check	✅ Passed	The PR description is complete and well-structured, covering all required template sections including Summary, Changes, Type of change, Affected areas, How to test, Breaking changes, Related issues, Security considerations, and Checklist. All checkboxes are properly marked and testing instructions are provided.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom Pre-merge Checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch 01-07-fix_docs_fixes

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

docs/quickstart/gateway/provider-configuration.mdx (1)

511-524: Typo: Key name doesn't match provider.

In the Anthropic configuration example, the key name is incorrectly set to "openai-key-1" instead of "anthropic-key-1".

Suggested fix

 # Anthropic with conservative settings
 curl --location 'http://localhost:8080/api/providers' \
 --header 'Content-Type: application/json' \
 --data '{
     "provider": "anthropic", 
     "keys": [
         {
-            "name": "openai-key-1",
+            "name": "anthropic-key-1",
             "value": "env.ANTHROPIC_API_KEY",
             "models": [],
             "weight": 1.0
         }
     ],

docs/quickstart/go-sdk/provider-configuration.mdx (1)

42-48: Remove ctx *context.Context parameter from lines 333 and 373.

Lines 333 and 373 incorrectly include a ctx *context.Context parameter in the function signature. The actual interface definition in core/schemas/account.go specifies GetConfigForProvider(providerKey ModelProvider) (*ProviderConfig, error) without a context parameter. Update both examples to match the correct signature: func (a *MyAccount) GetConfigForProvider(provider schemas.ModelProvider) (*schemas.ProviderConfig, error).

🤖 Fix all issues with AI agents

In @docs/quickstart/go-sdk/provider-configuration.mdx:
- Around line 148-151: Add a blank line between the closing Note tag and the
"### Managing Retries" heading so the MDX renders correctly; specifically,
insert one empty line after the </Note> line in
docs/quickstart/go-sdk/provider-configuration.mdx to separate the note block
from the section heading.

🧹 Nitpick comments (1)

transports/bifrost-http/server/server.go (1)

1190-1200: Consider using logger.Warn instead of logger.Error for expected behavior.

When running intentionally without a config store (e.g., --no-config-store), using logger.Error may be misleading since this is expected behavior rather than an error condition. Consider downgrading to logger.Warn or logger.Info to better reflect the operational intent.

Suggested change

 	if s.Config.ConfigStore == nil {
-		logger.Error("auth middleware requires config store, skipping auth middleware initialization")
+		logger.Warn("auth middleware requires config store, skipping auth middleware initialization")
 	} else {

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fd45a8e and 3b78f5c.

⛔ Files ignored due to path filters (6)

• docs/media/provider-configs.png is excluded by !**/*.png
• docs/media/ui-base-url.png is excluded by !**/*.png
• docs/media/ui-extra-headers.png is excluded by !**/*.png
• docs/media/ui-provider-configs.png is excluded by !**/*.png
• docs/media/ui-raw-request.png is excluded by !**/*.png
• docs/media/ui-raw-response.png is excluded by !**/*.png

📒 Files selected for processing (4)

• README.md
• docs/quickstart/gateway/provider-configuration.mdx
• docs/quickstart/go-sdk/provider-configuration.mdx
• transports/bifrost-http/server/server.go

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

always check the stack if there is one for the current PR. do not give localized reviews for the PR, always see all changes in the light of the whole stack of PRs (if there is a stack, if there is no stack you can continue to make localized suggestions/reviews)

Files:

• README.md
• transports/bifrost-http/server/server.go
• docs/quickstart/gateway/provider-configuration.mdx
• docs/quickstart/go-sdk/provider-configuration.mdx

🧠 Learnings (5)

📚 Learning: 2025-12-09T17:07:42.007Z

Learnt from: qwerty-dvorak
Repo: maximhq/bifrost PR: 1006
File: core/schemas/account.go:9-18
Timestamp: 2025-12-09T17:07:42.007Z
Learning: In core/schemas/account.go, the HuggingFaceKeyConfig field within the Key struct is currently unused and reserved for future Hugging Face inference endpoint deployments. Do not flag this field as missing from OpenAPI documentation or require its presence in the API spec until the feature is actively implemented and used. When the feature is added, update the OpenAPI docs accordingly; otherwise, treat this field as non-breaking and not part of the current API surface.

Applied to files:

• transports/bifrost-http/server/server.go

📚 Learning: 2025-12-29T11:54:55.836Z

Learnt from: akshaydeo
Repo: maximhq/bifrost PR: 1153
File: framework/configstore/rdb.go:2221-2246
Timestamp: 2025-12-29T11:54:55.836Z
Learning: In Go reviews, do not flag range-over-int patterns like for i := range n as compile-time errors, assuming Go 1.22+ semantics. Only flag actual range-capable values (slices, arrays, maps, channels, strings) and other compile-time issues. This applies to all Go files across the repository.

Applied to files:

• transports/bifrost-http/server/server.go

📚 Learning: 2025-12-12T08:25:02.629Z

Learnt from: Pratham-Mishra04
Repo: maximhq/bifrost PR: 1000
File: transports/bifrost-http/integrations/router.go:709-712
Timestamp: 2025-12-12T08:25:02.629Z
Learning: In transports/bifrost-http/**/*.go, update streaming response handling to align with OpenAI Responses API: use typed SSE events such as response.created, response.output_text.delta, response.done, etc., and do not rely on the legacy data: [DONE] termination marker. Note that data: [DONE] is only used by the older Chat Completions and Text Completions streaming APIs. Ensure parsers, writers, and tests distinguish SSE events from the [DONE] sentinel and handle each event type accordingly for correct stream termination and progress updates.

Applied to files:

• transports/bifrost-http/server/server.go

📚 Learning: 2025-12-29T09:14:16.633Z

Learnt from: akshaydeo
Repo: maximhq/bifrost PR: 888
File: transports/bifrost-http/handlers/middlewares.go:246-256
Timestamp: 2025-12-29T09:14:16.633Z
Learning: In the bifrost HTTP transport, fasthttp.RequestCtx is the primary context carrier and should be passed directly to functions that expect a context.Context. Do not convert to context.Context unless explicitly required. Ensure tracer implementations and related components are designed to accept fasthttp.RequestCtx directly, and document this architectural decision for maintainers.

Applied to files:

• transports/bifrost-http/server/server.go

📚 Learning: 2025-12-30T05:37:48.365Z

Learnt from: Pratham-Mishra04
Repo: maximhq/bifrost PR: 1180
File: docs/features/mcp/connecting-to-servers.mdx:452-458
Timestamp: 2025-12-30T05:37:48.365Z
Learning: When reviewing documentation PRs in a Graphite-managed stack, first check related or previous PRs in the stack for feature implementations before flagging documentation as incorrect or unsupported. Documentation MDX files often reference features implemented in earlier stack PRs; verify that the documented behavior exists in earlier changes and that the docs accurately reflect the implemented state before requesting edits.

Applied to files:

• docs/quickstart/gateway/provider-configuration.mdx
• docs/quickstart/go-sdk/provider-configuration.mdx

🧬 Code graph analysis (1)

transports/bifrost-http/server/server.go (2)

framework/configstore/store.go (1)

• ConfigStore (17-158)

transports/bifrost-http/handlers/middlewares.go (2)

• AuthMiddleware (160-163)
• InitAuthMiddleware (165-179)

🔇 Additional comments (5)

README.md (1)

258-258: Correct documentation link for development setup.

The updated link properly directs contributors to the specific development environment setup section. This change aligns well with the Contributing section's flow and provides clear guidance for build requirements. The URL and anchor have been verified to exist and are accessible.

transports/bifrost-http/server/server.go (1)

1207-1209: LGTM!

The nil check on s.AuthMiddleware correctly guards against dereferencing when running without a config store. This ensures safe operation in both enterprise and non-enterprise contexts when the auth middleware couldn't be initialized.

docs/quickstart/go-sdk/provider-configuration.mdx (1)

368-394: LGTM!

The new "Send Back Raw Request" section is well-documented and provides clear guidance on debugging request transformations. The tip about combining raw request and response for end-to-end debugging is helpful.

docs/quickstart/gateway/provider-configuration.mdx (2)

570-692: LGTM!

The expanded Custom Headers section provides clear documentation for both static (provider-level) and dynamic (per-request) header configurations. The x-bf-eh-* prefix convention is well explained, and the security denylist documentation helps users understand what headers are restricted.

---

877-955: LGTM!

The new "Send Back Raw Request" section is well-structured and consistent with the existing "Send Back Raw Response" section. The tip about combining both features for debugging is valuable for users troubleshooting request transformations.

[Pratham-Mishra04]

Merge activity

• Jan 7, 7:07 AM UTC: A user started a stack merge that includes this pull request via Graphite.
• Jan 7, 7:07 AM UTC: @Pratham-Mishra04 merged this pull request with Graphite.