Per User Oauth
Authorization Server Metadata (RFC 8414)
Returns the OAuth 2.0 Authorization Server Metadata document per RFC 8414.
After fetching the Protected Resource Metadata, MCP clients fetch this endpoint to discover Bifrost's OAuth endpoints (register, authorize, token) and capabilities (PKCE methods, grant types, etc.).
Returns 404 when no MCP clients are configured with auth_type: per_user_oauth.
AuthorizationBearer <token>
Bearer token authentication. Use your MPilot virtual-key JWT or admin JWT.
Virtual keys (prefixed with sk-bf-) can also be passed here.
In: header
Response Body
curl -X GET "https://loading/{AI_GATEWAY_URL}/.well-known/oauth-authorization-server"{
"issuer": "https://your-bifrost-domain.com",
"authorization_endpoint": "https://your-bifrost-domain.com/api/oauth/per-user/authorize",
"token_endpoint": "https://your-bifrost-domain.com/api/oauth/per-user/token",
"registration_endpoint": "https://your-bifrost-domain.com/api/oauth/per-user/register",
"response_types_supported": [
"code"
],
"grant_types_supported": [
"authorization_code"
],
"code_challenge_methods_supported": [
"S256"
],
"token_endpoint_auth_methods_supported": [
"none"
],
"scopes_supported": [
"mcp:read",
"mcp:write"
]
}"string"