189 lines
4.9 KiB
Plaintext
189 lines
4.9 KiB
Plaintext
---
|
|
title: "MCP with Federated Auth"
|
|
description: "Transform your existing private enterprise APIs into LLM-ready MCP tools using federated authentication without writing a single line of code"
|
|
icon: "screwdriver-wrench"
|
|
---
|
|
|
|
Transform your existing private enterprise APIs into LLM-ready MCP tools instantly. Add your APIs along with authentication information, and Bifrost dynamically syncs user authentication to allow these existing APIs to be used as MCP tools.
|
|
|
|
## Supported Import Methods
|
|
|
|
Add your existing APIs to Bifrost using any of these methods:
|
|
|
|
<Tabs>
|
|
<Tab title="Postman Collection">
|
|
Import your existing Postman collections directly into Bifrost. All request configurations, headers, and parameters are preserved.
|
|
|
|
```json
|
|
{
|
|
"info": {
|
|
"name": "Enterprise API Collection",
|
|
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
|
|
},
|
|
"item": [
|
|
{
|
|
"name": "Get User Profile",
|
|
"request": {
|
|
"method": "GET",
|
|
"header": [
|
|
{
|
|
"key": "Authorization",
|
|
"value": "{{req.header.authorization}}",
|
|
"type": "text"
|
|
}
|
|
],
|
|
"url": {
|
|
"raw": "https://api.company.com/users/profile",
|
|
"host": ["api", "company", "com"],
|
|
"path": ["users", "profile"]
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|
|
</Tab>
|
|
|
|
<Tab title="OpenAPI Spec">
|
|
Use your existing OpenAPI 3.0+ specifications. Bifrost automatically converts them into MCP-compatible tools.
|
|
|
|
```yaml
|
|
openapi: 3.0.0
|
|
info:
|
|
title: Enterprise API
|
|
version: 1.0.0
|
|
paths:
|
|
/users/profile:
|
|
get:
|
|
summary: Get user profile
|
|
security:
|
|
- BearerAuth: []
|
|
parameters:
|
|
- name: Authorization
|
|
in: header
|
|
schema:
|
|
type: string
|
|
example: "{{req.header.authorization}}"
|
|
components:
|
|
securitySchemes:
|
|
BearerAuth:
|
|
type: http
|
|
scheme: bearer
|
|
```
|
|
</Tab>
|
|
|
|
<Tab title="cURL Commands">
|
|
Convert your existing cURL commands directly into MCP tools.
|
|
|
|
```bash
|
|
curl -X GET "https://api.company.com/users/profile" \
|
|
-H "Authorization: {{req.header.authorization}}" \
|
|
-H "Content-Type: application/json"
|
|
```
|
|
</Tab>
|
|
|
|
<Tab title="Built-in UI">
|
|
Use Bifrost's intuitive UI to manually configure your API endpoints with the same ease as Postman.
|
|
|
|
1. Set HTTP method and URL
|
|
2. Configure headers with variable substitution
|
|
3. Define request body (if needed)
|
|
4. Test the endpoint
|
|
5. Deploy as MCP tool
|
|
</Tab>
|
|
</Tabs>
|
|
|
|
## What Happens Next
|
|
|
|
Once you upload your API specifications, Bifrost automatically:
|
|
|
|
- **Syncs authentication systems** from your existing APIs
|
|
- **Converts endpoints** into MCP-compatible tools
|
|
- **Maintains security** using your current auth infrastructure
|
|
- **Makes APIs available** to LLMs instantly
|
|
|
|
## Supported Authentication Types
|
|
|
|
Bifrost automatically handles all common authentication patterns:
|
|
|
|
- **Bearer Tokens** (JWT, OAuth)
|
|
- **API Keys** (headers, query parameters)
|
|
- **Custom Headers** (tenant IDs, user tokens)
|
|
- **Basic Auth** and other standard methods
|
|
|
|
## Real-World Use Cases
|
|
|
|
### Enterprise CRM Integration
|
|
|
|
Transform your Salesforce, HubSpot, or custom CRM APIs:
|
|
|
|
```json
|
|
{
|
|
"name": "Get Customer Data",
|
|
"method": "GET",
|
|
"url": "https://api.company.com/crm/customers/{{req.body.customer_id}}",
|
|
"headers": {
|
|
"Authorization": "{{req.header.authorization}}",
|
|
"X-Tenant-ID": "{{req.header.x-tenant-id}}"
|
|
}
|
|
}
|
|
```
|
|
|
|
### Internal Microservices
|
|
|
|
Make your internal microservices LLM-accessible:
|
|
|
|
```yaml
|
|
paths:
|
|
/internal/user-service/profile:
|
|
get:
|
|
parameters:
|
|
- name: Authorization
|
|
in: header
|
|
schema:
|
|
type: string
|
|
default: "{{req.header.authorization}}"
|
|
- name: X-Service-Token
|
|
in: header
|
|
schema:
|
|
type: string
|
|
default: "{{env.INTERNAL_SERVICE_TOKEN}}"
|
|
```
|
|
|
|
### Database APIs
|
|
|
|
Connect to your database APIs securely:
|
|
|
|
```http
|
|
POST https://db-api.company.com/query
|
|
Content-Type: application/json
|
|
Authorization: {{req.header.authorization}}
|
|
X-Database-Name: {{req.header.x-database}}
|
|
|
|
{
|
|
"query": "SELECT * FROM users WHERE tenant_id = '{{req.body.tenant_id}}'",
|
|
"limit": 100
|
|
}
|
|
```
|
|
|
|
## Security Benefits
|
|
|
|
### 1. **Zero Trust Architecture**
|
|
- Authentication happens at the edge (your existing systems)
|
|
- Bifrost never stores or caches authentication credentials
|
|
- Each request is authenticated independently
|
|
|
|
### 2. **Existing Security Policies**
|
|
- Leverage your current RBAC (Role-Based Access Control)
|
|
- Maintain existing audit trails
|
|
- No changes to security infrastructure required
|
|
|
|
### 3. **Granular Access Control**
|
|
- Different users get different API access based on their credentials
|
|
- Tenant isolation maintained through existing headers
|
|
- API rate limiting and quotas preserved
|
|
|
|
### 4. **Compliance Friendly**
|
|
- No sensitive data passes through Bifrost permanently
|
|
- Existing compliance frameworks remain intact
|
|
- Audit trails maintained in your systems |