Once AI Bridge is enabled on the server, your users need to configure their AI coding tools to use it. This section explains how users should configure their clients to connect to AI Bridge.

The exact configuration method varies by client — some use environment variables, others use configuration files or UI settings:

Replace`coder.example.com` with your actual Coder deployment URL.

Instead of distributing provider-specific API keys (OpenAI/Anthropic keys) to users, they authenticate to AI Bridge using their**Coder session token** or**API key**:

-**OpenAI clients**: Users set`OPENAI_API_KEY` to their Coder session token or API key

-**Anthropic clients**: Users set`ANTHROPIC_API_KEY` to their Coder session token or API key

Template admins can pre-configureauthentication in templates using[`data.coder_workspace_owner.me.session_token`](https://registry.terraform.io/providers/coder/coder/latest/docs/data-sources/workspace_owner#session_token-1) to automatically configure the workspace owner's credentials.

Template admins can pre-configureworkspaces to route all AI tool requests through AI Bridge, providing a seamless and secure experience for users. This can be done for both Coder Tasks and other AI tools running in the workspace.

Here is an example of how to pre-configure a Coder template to install Claude Code and configure it for AI Bridge using the session token in a template:

[Coder Tasks](../tasks.md) provides a framework for using agents like Claude Code to complete background development operations. To route those agents through AI Bridge, you can pre-configure a Coder Tasks template to install Claude Code and configure it for AI Bridge using the session token:

The same approach can be applied to pre-configure additional AI coding assistants by updating the base URL and API key settings.

This setup keeps agent execution within Coder while applying the same auditing and MCP policies as IDE clients.

AI assistants running inside a Coder workspace, such as IDE extensions, can be configured to use AI Bridge.

While users can manually configure these tools with a long-livedAPI key, template admins can provide a more seamless experience by pre-configuring them. Similar to the Coder Tasks example, admins can use Terraform data sources like`data.coder_workspace_owner.me.session_token` to automatically inject the user's session token and the AI Bridge base URL into the workspace environment.

Users can generate a Coder API key using eithertheCLI or the web UI. Follow the instructions at[Sessions and API tokens](../../admin/users/sessions-tokens.md#generate-a-long-lived-api-token-on-behalf-of-yourself) to generate aCoderAPI key.

This isthefastest way to bring existing agents like Roo Code, Cursor, or Claude Code into compliance without adoptingCoderTasks.

You can also configure AI tools running outside of a Coder workspace, such as local IDE extensions or desktop applications, to connect to AI Bridge.

The configuration is the same: point the tool to the AI Bridge[base URL](#base-urls) and use a Coder API key for authentication.

Users can generate a long-lived API key from the Coder UI or CLI. Follow the instructions at[Sessions and API tokens](../../admin/users/sessions-tokens.md#generate-a-long-lived-api-token-on-behalf-of-yourself) to create one.

The table below shows tested AI clients and their compatibility with AI Bridge. Click each client name for vendor-specific configuration instructions. Report issues or share compatibility updates in the[aibridge](https://github.com/coder/aibridge) issue tracker.

| Client| OpenAI support| Anthropic support| Notes|

|-------------------------------------------------------------------------------------------------------------------------------------------|----------------|-------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|

|[Claude Code](https://docs.claude.com/en/docs/claude-code/settings#environment-variables)| N/A| ✅| Works out of the box and can be preconfigured in templates.|

| Claude Code (VS Code)| N/A| ✅| May require signing in once; afterwards respects workspace environment variables.|

|[Cursor](https://cursor.com/docs/settings/api-keys)| ⚠️| ❌| Only nonreasoning models like`gpt-4.1` are available when using a custom endpoint. Requests still transit Cursor's cloud. There is no central admin setting to configure this.|

|[Cursor](https://cursor.com/docs/settings/api-keys)| ⚠️| ❌| Only non-reasoning models like`gpt-4.1` are available when using a custom endpoint. Requests still transit Cursor's cloud. There is no central admin setting to configure this.|

|[Roo Code](https://docs.roocode.com/features/api-configuration-profiles#creating-and-managing-profiles)| ✅| ✅| Use the**OpenAI Compatible** provider with the legacy format to avoid`/v1/responses`.|

|[Codex CLI](https://github.com/openai/codex/blob/main/docs/config.md#model_providers)| ✅| N/A|`gpt-5-codex` support is[in progress](https://github.com/coder/aibridge/issues/16).|

|[GitHub Copilot (VS Code)](https://docs.github.com/en/copilot/configuring-github-copilot/configuring-network-settings-for-github-copilot)| ✅| ❌| Requires the pre-release extension. Anthropic endpoints are not supported.|

Legend: ✅ works, ⚠️ limited support, ❌ not supported, ❓ not yet verified, — not applicable.

Most AI coding assistantsthat support custom base URLs can work with AI Bridge. Client-specific requirements vary:

Most AI coding assistantscan use AI Bridge, provided they support custom base URLs. Client-specific requirements vary:

- Some clients require specific URL formats (for example, removing the`/v1` suffix).

- Some clients proxy requests through their own servers, which limits compatibility.


Bridge is a smart proxy for AI. It acts as a man-in-the-middle between your users' coding agents / IDEs

AIBridge is a smart proxy for AI. It acts as a man-in-the-middle between your users' coding agents / IDEs

and providers like OpenAI and Anthropic. By intercepting all the AI traffic between these clients and

the upstream APIs, Bridge can record user prompts, token usage, and tool invocations.

the upstream APIs,AIBridge can record user prompts, token usage, and tool invocations.

Bridge solves 3 key problems:

AIBridge solves 3 key problems:

1.**Centralized authn/z management**: no more issuing & managing API tokens for OpenAI/Anthropic usage.

Users use their Coder session or API tokens to authenticate with`coderd` (Coder control plane), and

- Investigate opportunities for AI automation

- Uncover the high-leverage use cases from experienced engineers

We advise trying Bridge as self-hosted proxy to monitor LLM usage agnostically across AI powered IDEs like Cursor and headless agents like Claude Code.

We advise trying AI Bridge as self-hosted proxy to monitor LLM usage agnostically across AI powered IDEs like Cursor and headless agents like Claude Code.

- GPT-5 Codex currently does not work with AI Bridge due to missing`v1/responses` endpoint:https://github.com/coder/aibridge/issues/16

- Claude Code web searches do not report correctly:https://github.com/coder/aibridge/issues/11

[Model Context Protocol (MCP)](https://modelcontextprotocol.io/docs/getting-started/intro) is a mechanism for connecting AI applications to external systems.

Bridge can connect to MCP servers and inject tools automatically, enabling you to centrally manage the list of tools you wish to grant your users.

AIBridge can connect to MCP servers and inject tools automatically, enabling you to centrally manage the list of tools you wish to grant your users.

Bridge makes use of[External Auth](../../admin/external-auth/index.md) applications, as they define OAuth2 connections to upstream services. If your External Auth application hosts a remote MCP server, you can configure Bridge to connect to it, retrieve its tools and inject them into requests automatically - all while using each individual user's access token.

AIBridge makes use of[External Auth](../../admin/external-auth/index.md) applications, as they define OAuth2 connections to upstream services. If your External Auth application hosts a remote MCP server, you can configure AI Bridge to connect to it, retrieve its tools and inject them into requests automatically - all while using each individual user's access token.

For example, GitHub has a[remote MCP server](https://github.com/github/github-mcp-server?tab=readme-ov-file#remote-github-mcp-server) and we can use it as follows.

CODER_EXTERNAL_AUTH_0_TYPE=github

CODER_EXTERNAL_AUTH_0_CLIENT_ID=...

CODER_EXTERNAL_AUTH_0_CLIENT_SECRET=...

CODER_EXTERNAL_AUTH_0_MCP_URL=https://api.githubcopilot.com/mcp/

See the diagram in[Implementation Details](../reference#implementation-details) for more information.

See the diagram in[Implementation Details](../reference.md#implementation-details) for more information.

You can also control which tools are injected by using an allow and/or a deny regular expression on the tool names:

Bridge marks automatically injected tools with a prefix`bmcp_` ("bridged MCP"). It also namespaces all tool names by the ID of their associated External Auth application (in this case`github`).

[Coder Tasks](../../workspaces/tasks.md) provides a framework for using agents like Claude Code to complete background development operations. To route those agents through Bridge:

- Enable Bridge at the control plane and configure the upstream provider keys.

- Inject the AI Bridge base URLs and API keys into the Task environment (for example by setting`OPENAI_BASE_URL` and`OPENAI_API_KEY`).

- Template authors can bake these variables into Task definitions so that new runs automatically use Bridge.

This setup keeps agent execution within Coder while applying the same auditing and MCP policies as IDE clients.

Bridge also works with IDE-native assistants inside workspaces. Configure the IDE extension or desktop client to point at the Bridge endpoints and rely on the workspace's environment variables for authentication. This is the fastest path to bring existing agents like Roo Code, Cursor, or Claude Code into compliance without adopting Tasks.

AI Bridge marks automatically injected tools with a prefix`bmcp_` ("bridged MCP"). It also namespaces all tool names by the ID of their associated External Auth application (in this case`github`).

If a model decides to invoke a tool and it has a`bmcp_` suffix and Bridge has a connection with the related MCP server, it will invoke the tool. The tool result will be passed back to the upstream AI provider, and this will loop until the model has all of its required data. These inner loops are not relayed back to the client; all it seems is the result of this loop. See[Implementation Details](../reference#implementation-details).

If a model decides to invoke a tool and it has a`bmcp_` suffix andAIBridge has a connection with the related MCP server, it will invoke the tool. The tool result will be passed back to the upstream AI provider, and this will loop until the model has all of its required data. These inner loops are not relayed back to the client; all it seems is the result of this loop. See[Implementation Details](./reference.md#implementation-details).

In contrast, tools which are defined by the client (i.e. the[`Bash` tool](https://docs.claude.com/en/docs/claude-code/settings#tools-available-to-claude) defined by_Claude Code_) cannot be invoked by Bridge, and the tool call from the model will be relayed to the client, after which it will invoke the tool.

In contrast, tools which are defined by the client (i.e. the[`Bash` tool](https://docs.claude.com/en/docs/claude-code/settings#tools-available-to-claude) defined by_Claude Code_) cannot be invoked byAIBridge, and the tool call from the model will be relayed to the client, after which it will invoke the tool.

If you have the`oauth2` and`mcp-server-http` experiments enabled, Coder's own[internal MCP tools](../mcp-server.md) will be injected automatically.

Bridge records the last`user` prompt, token usage, and every tool invocation for each intercepted request. Each capture is tied to a single "interception" that maps back to the authenticated Coder identity, making it easy to attribute spend and behaviour.

AIBridge records the last`user` prompt, token usage, and every tool invocation for each intercepted request. Each capture is tied to a single "interception" that maps back to the authenticated Coder identity, making it easy to attribute spend and behaviour.


`coderd` runs an in-memory instance of`aibridged`, whose logic is mostly contained inhttps://github.com/coder/aibridge. In future releases we will support running external instances for higher throughput and complete memory isolation from`coderd`.

<details>

<summary>See a diagram of how Bridge interception works</summary>

<summary>See a diagram of howAIBridge interception works</summary>


</details>

- GPT-5 Codex currently does not work with Bridge due to missing`v1/responses` endpoint:https://github.com/coder/aibridge/issues/16

- Claude Code web searches do not report correctly:https://github.com/coder/aibridge/issues/11


API support is broken down into two categories:

-**Intercepted**: requests are intercepted, audited, and augmented - full Bridge functionality

-**Intercepted**: requests are intercepted, audited, and augmented - fullAIBridge functionality

-**Passthrough**: requests are proxied directly to the upstream, no auditing or augmentation takes place

Where relevant, both streaming and non-streaming requests are supported.

To report a bug, file a feature request, or view a list of known issues, please visit our[GitHub repository for Bridge](https://github.com/coder/aibridge). If you encounter issues with Bridge during early access, please reach out to us via[Discord](https://discord.gg/coder).

To report a bug, file a feature request, or view a list of known issues, please visit our[GitHub repository forAIBridge](https://github.com/coder/aibridge). If you encounter issues with AI Bridge during early access, please reach out to us via[Discord](https://discord.gg/coder).