first commit
This commit is contained in:
189
docs/enterprise/mcp-with-fa.mdx
Normal file
189
docs/enterprise/mcp-with-fa.mdx
Normal file
@@ -0,0 +1,189 @@
|
||||
---
|
||||
title: "MCP with Federated Auth"
|
||||
description: "Transform your existing private enterprise APIs into LLM-ready MCP tools using federated authentication without writing a single line of code"
|
||||
icon: "screwdriver-wrench"
|
||||
---
|
||||
|
||||
Transform your existing private enterprise APIs into LLM-ready MCP tools instantly. Add your APIs along with authentication information, and Bifrost dynamically syncs user authentication to allow these existing APIs to be used as MCP tools.
|
||||
|
||||
## Supported Import Methods
|
||||
|
||||
Add your existing APIs to Bifrost using any of these methods:
|
||||
|
||||
<Tabs>
|
||||
<Tab title="Postman Collection">
|
||||
Import your existing Postman collections directly into Bifrost. All request configurations, headers, and parameters are preserved.
|
||||
|
||||
```json
|
||||
{
|
||||
"info": {
|
||||
"name": "Enterprise API Collection",
|
||||
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
|
||||
},
|
||||
"item": [
|
||||
{
|
||||
"name": "Get User Profile",
|
||||
"request": {
|
||||
"method": "GET",
|
||||
"header": [
|
||||
{
|
||||
"key": "Authorization",
|
||||
"value": "{{req.header.authorization}}",
|
||||
"type": "text"
|
||||
}
|
||||
],
|
||||
"url": {
|
||||
"raw": "https://api.company.com/users/profile",
|
||||
"host": ["api", "company", "com"],
|
||||
"path": ["users", "profile"]
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
</Tab>
|
||||
|
||||
<Tab title="OpenAPI Spec">
|
||||
Use your existing OpenAPI 3.0+ specifications. Bifrost automatically converts them into MCP-compatible tools.
|
||||
|
||||
```yaml
|
||||
openapi: 3.0.0
|
||||
info:
|
||||
title: Enterprise API
|
||||
version: 1.0.0
|
||||
paths:
|
||||
/users/profile:
|
||||
get:
|
||||
summary: Get user profile
|
||||
security:
|
||||
- BearerAuth: []
|
||||
parameters:
|
||||
- name: Authorization
|
||||
in: header
|
||||
schema:
|
||||
type: string
|
||||
example: "{{req.header.authorization}}"
|
||||
components:
|
||||
securitySchemes:
|
||||
BearerAuth:
|
||||
type: http
|
||||
scheme: bearer
|
||||
```
|
||||
</Tab>
|
||||
|
||||
<Tab title="cURL Commands">
|
||||
Convert your existing cURL commands directly into MCP tools.
|
||||
|
||||
```bash
|
||||
curl -X GET "https://api.company.com/users/profile" \
|
||||
-H "Authorization: {{req.header.authorization}}" \
|
||||
-H "Content-Type: application/json"
|
||||
```
|
||||
</Tab>
|
||||
|
||||
<Tab title="Built-in UI">
|
||||
Use Bifrost's intuitive UI to manually configure your API endpoints with the same ease as Postman.
|
||||
|
||||
1. Set HTTP method and URL
|
||||
2. Configure headers with variable substitution
|
||||
3. Define request body (if needed)
|
||||
4. Test the endpoint
|
||||
5. Deploy as MCP tool
|
||||
</Tab>
|
||||
</Tabs>
|
||||
|
||||
## What Happens Next
|
||||
|
||||
Once you upload your API specifications, Bifrost automatically:
|
||||
|
||||
- **Syncs authentication systems** from your existing APIs
|
||||
- **Converts endpoints** into MCP-compatible tools
|
||||
- **Maintains security** using your current auth infrastructure
|
||||
- **Makes APIs available** to LLMs instantly
|
||||
|
||||
## Supported Authentication Types
|
||||
|
||||
Bifrost automatically handles all common authentication patterns:
|
||||
|
||||
- **Bearer Tokens** (JWT, OAuth)
|
||||
- **API Keys** (headers, query parameters)
|
||||
- **Custom Headers** (tenant IDs, user tokens)
|
||||
- **Basic Auth** and other standard methods
|
||||
|
||||
## Real-World Use Cases
|
||||
|
||||
### Enterprise CRM Integration
|
||||
|
||||
Transform your Salesforce, HubSpot, or custom CRM APIs:
|
||||
|
||||
```json
|
||||
{
|
||||
"name": "Get Customer Data",
|
||||
"method": "GET",
|
||||
"url": "https://api.company.com/crm/customers/{{req.body.customer_id}}",
|
||||
"headers": {
|
||||
"Authorization": "{{req.header.authorization}}",
|
||||
"X-Tenant-ID": "{{req.header.x-tenant-id}}"
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
### Internal Microservices
|
||||
|
||||
Make your internal microservices LLM-accessible:
|
||||
|
||||
```yaml
|
||||
paths:
|
||||
/internal/user-service/profile:
|
||||
get:
|
||||
parameters:
|
||||
- name: Authorization
|
||||
in: header
|
||||
schema:
|
||||
type: string
|
||||
default: "{{req.header.authorization}}"
|
||||
- name: X-Service-Token
|
||||
in: header
|
||||
schema:
|
||||
type: string
|
||||
default: "{{env.INTERNAL_SERVICE_TOKEN}}"
|
||||
```
|
||||
|
||||
### Database APIs
|
||||
|
||||
Connect to your database APIs securely:
|
||||
|
||||
```http
|
||||
POST https://db-api.company.com/query
|
||||
Content-Type: application/json
|
||||
Authorization: {{req.header.authorization}}
|
||||
X-Database-Name: {{req.header.x-database}}
|
||||
|
||||
{
|
||||
"query": "SELECT * FROM users WHERE tenant_id = '{{req.body.tenant_id}}'",
|
||||
"limit": 100
|
||||
}
|
||||
```
|
||||
|
||||
## Security Benefits
|
||||
|
||||
### 1. **Zero Trust Architecture**
|
||||
- Authentication happens at the edge (your existing systems)
|
||||
- Bifrost never stores or caches authentication credentials
|
||||
- Each request is authenticated independently
|
||||
|
||||
### 2. **Existing Security Policies**
|
||||
- Leverage your current RBAC (Role-Based Access Control)
|
||||
- Maintain existing audit trails
|
||||
- No changes to security infrastructure required
|
||||
|
||||
### 3. **Granular Access Control**
|
||||
- Different users get different API access based on their credentials
|
||||
- Tenant isolation maintained through existing headers
|
||||
- API rate limiting and quotas preserved
|
||||
|
||||
### 4. **Compliance Friendly**
|
||||
- No sensitive data passes through Bifrost permanently
|
||||
- Existing compliance frameworks remain intact
|
||||
- Audit trails maintained in your systems
|
||||
Reference in New Issue
Block a user