Commit Graph

41 Commits

Author SHA1 Message Date
Ishaan Jaff 81948d4198 fix test 2025-07-03 15:37:10 -07:00
Ishaan Jaff e75f4c8561 TestCallbackManagementEndpoints 2025-07-03 15:00:53 -07:00
Cole McIntosh adfe63cf3a fix: handle proxy internal callbacks in callback management test (#12294)
The test_list_callbacks_mixed_callback_types test was failing when run in parallel with other tests due to the proxy server's internal _PROXY_VirtualKeyModelMaxBudgetLimiter callback persisting across test runs. This fix filters out proxy internal callbacks from the test assertions to ensure consistent test behavior regardless of test execution order or parallelization.
2025-07-03 14:28:46 -07:00
Ishaan Jaff 9cc144e3cb test add clear_existing_callbacks 2025-07-03 12:00:36 -07:00
Ishaan Jaff a6527e5010 [Feat] Add litellm-proxy cli login for starting to use litellm proxy (#12216)
* add handlers for auth commands

* add login, logout, whoami

* refactor auth

* add CLI Authentication Flow

* add SSO sign in constants

* add itellm-session-token

* fixes for managing state with cli

* use locally stored context for cli session

* add litellm banner + interactive shell

* update main.py

* update auth to show commands

* fix ui sso render

* add TestCLISSOCallbackFunction

* update banner.py

* remove file

* fix cli sso success

* TestTokenUtilities

* fix code qa

* fix execute_command

* fix cli_sso_callback

* fix import

* Authentication using CLI
2025-07-01 18:11:19 -07:00
Krish Dholakia cec7e4941a UI QA Fixes - prevent team model reset on model add + return team-only models on /v2/model/info + render team member budget correctly (#12144)
* fix(team_endpoints.py): prevent overwriting current list of team models on new model add

* fix(networking.tsx): fix default proxy base url

* fix(proxy_server.py): include team only models when retrieving all deployments on `/v2/model/info` helper util

ensures team only models are shown to user

* fix(router.py): check model name by team public model name when team id given

Fixes issue where team member could not see team only models when clicking into that team on `Models + Endpoints`

* fix(team_member_view.tsx): fix rendering team member budget, when budget is set

* test: update tests

* test: update unit test
2025-06-28 22:04:49 -07:00
Cole McIntosh 6578133bb7 Fix user-team association issues in LiteLLM proxy (#12082)
* Fix user-team association issues in LiteLLM proxy

- Update list_team function to properly filter teams using user's teams array instead of only checking members_with_roles field
- Add Field descriptions and docstring to TeamMemberAddRequest and related models for better Swagger/OpenAPI documentation
- Maintain backward compatibility with fallback to members_with_roles if user lookup fails

This ensures users created with teams parameter appear correctly in team views and improves API documentation.

* Fix duplicate member checking in team_member_add endpoint

- Enhanced team_member_add_duplication_check to check both user_id and user_email
- Added additional duplicate prevention logic after user creation/lookup
- Fixed issue where users added by email could be duplicated in teams
- Added logging for debugging duplicate detection

This addresses the bug where adding the same user by email multiple times would create duplicate entries in the team's members_with_roles array.

* Improve duplicate member prevention in team_member_add

- Enhanced early duplicate check to handle both user_id and user_email
- Added late-stage duplicate prevention after user lookup/creation
- Fixed issue where users could be added multiple times by email
- Cleaned up debug logging

Note: There's still an edge case where the duplicate prevention may not work
correctly in all scenarios. This needs further investigation and testing.

* Refactor team_member_add endpoint for improved member management

- Split team_member_add functionality into smaller, dedicated functions for permission validation, member processing, and team member list updates.
- Enhanced permission checks to ensure only authorized users can add members.
- Streamlined member addition logic to reduce redundancy and improve readability.
- Maintained existing functionality while improving code structure and maintainability.

* Add tests for team_member_add helper functions

- Add test for _validate_team_member_add_permissions with admin user
- Add test for _validate_team_member_add_permissions with non-admin user
- Add test for _process_team_members with single member
- Add test for _process_team_members with multiple members
- Add test for _update_team_members_list with new member
- Add test for _update_team_members_list duplicate prevention

These tests ensure the refactored helper functions work correctly
after fixing the PLR0915 linting error.
2025-06-27 21:29:49 -07:00
Krish Dholakia e8d7537b57 Raise clearer error on Anthropic Unified route + allow setting new_key on /key/regenerate
* fix(llm_http_handler.py): raise clearer error on anthropic unified route

Fixes https://github.com/BerriAI/litellm/issues/12063

* fix(key_management_endpoints.py): add new param `new_key` for setting the regenerated key value

user request

* test: add unit tests

* fix(pass_through_endpoints.py): use data instead of json for passthrough requests

fixes bedrock latency issue

* Revert "fix(pass_through_endpoints.py): use data instead of json for passthrough requests"

This reverts commit 021dfd9165f837d37e6aad247ccbd0d2e8ca6043.
2025-06-26 21:56:03 -07:00
Krish Dholakia ac15ca3014 Teams - Support default key expiry + UI - support enforcing access for members of specific SSO Group (#12023)
* fix(team_endpoints.py): support setting default key expiry

allows admin to set key expiry on all team member keys

makes it easier to setup default team for experimentation

* feat(key_management_endpoints.py): allows admin to set duration for keys created by team members

* feat(team_endpoints.py): support team_member_key_duration on `/team/update`

allows setting max time team member keys are valid for

* fix(team_info.tsx): ui component to update team member key duration

* fix(team_info.tsx): support updating team member key duration, if set

* feat(teams.tsx): add team member key duration param ui component

allow admin to set this on UI

* feat(ui_sso.py): support restricting ui access by sso group

allows controlling who can/can't access the UI

* feat(ssomodals.tsx): add initial commit adding sso group access to admin ui

* feat(proxy_server.py): support reading + writing ui_access_mode from db

allows admin to configure allowed sso groups from UI

* feat(ui_sso.py): support enforcing all teams on sso jwt handler

if ui access mode set via ui, support reading the value and enforcing it

* feat(ui/): ui component for controlling sso access group

allow admin to only allow users within specific sso group to log into UI

* fix(uiaccesscontrolform.tsx): fix field names

* feat(ui_sso.py): return received sso response in the clientside error message - enables easier debugging

* test: add unit tests

* fix: minor fixes
2025-06-24 21:58:07 -07:00
Ishaan Jaff b9feb43dac [Bug Fix] SCIM - Ensure new user roles are applied (#12015)
* SCIM fix new user roles

* test_create_user_defaults_to_viewer

* test_create_user_uses_default_internal_user_params_role

* fix default user for SCIM

* fix linting error
2025-06-24 13:22:56 -07:00
Ishaan Jaff b5c48c8c22 [Feat] Add List Callbacks API Endpoint (#11987)
* add get_callbacks_by_type

* add list_callbacks

* fix _get_callback_string

* add callback_management_endpoints_router

* fix proxy config.yaml

* fixes list callbacks

* TestCallbackManagementEndpoints

* update docs

* docs Response Fields

* docs header format

* docs Dynamic Callback Management
2025-06-23 15:34:25 -07:00
Krish Dholakia 7f3d8bb9c5 Management Fixes - don't apply default internal user settings to admins + preserve all model access for teams with empty model list, when team model added + /v2/model/info fixes (#11957)
* fix(internal_user_endpoints.py): don't apply default internal user params if role is admin

prevent internal user restrictions from being applied to admin

* fix(proxy_server.py): fix model info v2 endpoint check - handle user_id being none

* fix(team_endpoints.py): ensure team doesn't lose all model access if set as empty string and new team model added

* fix(proxy_server.py): ensure model with team id is only added as valid for team which has that id
2025-06-21 20:33:10 -07:00
Ishaan Jaff 7006cd4139 test ui sso 2025-06-21 15:58:48 -07:00
Ishaan Jaff 6cd2fe4879 test_team_endpoints.py 2025-06-21 15:57:58 -07:00
Ishaan Jaff 1bfe6a1110 test_get_user_groups_pagination 2025-06-21 14:24:04 -07:00
Ishaan Jaff 18c93d99cd test ui sso 2025-06-21 14:17:57 -07:00
Krrish Dholakia 1e6d43e761 Squashed commit of the following:
commit 440bc027251d8180174d762d83d271d0f7b68cc5
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 23:04:11 2025 -0700

    fix: fix check

commit 89a7451cb9ee26ff9f642335714dcc6f449d1fc2
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 22:42:30 2025 -0700

    fix: fix test

commit 1322e3b3497e5d334fdcaa18f0cf7a98ea758df4
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 20:52:40 2025 -0700

    style: add more tooltips

commit 172738b98b7864aabcacf3334a394098b300283f
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 20:51:09 2025 -0700

    feat(team_member_view.tsx): add a tooltip

commit 895eb28deb9127985e30b5e859e5bca8530951c9
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 18:46:49 2025 -0700

    fix(teams.tsx): support setting team member budget on create

commit 003cc54a6dd0f65030c4f39a8487adc771b62e11
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 18:40:49 2025 -0700

    fix(team_member_view.tsx): style improvements

commit a627a044f21df788f80d92a4081212072be91632
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 18:40:01 2025 -0700

    fix(team_member_view.tsx): handle scientific notation in string

commit c5a3b7bd8419f6394e1b490849555d02d473baed
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 18:34:25 2025 -0700

    feat(team_membership_view.tsx): show team member spend + max budget on UI

commit e986d12ad5b07c676f4cac5e16745939d7473dee
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 18:28:06 2025 -0700

    feat(team_member_view.tsx): show team member spend + budget on team info

commit 8e398607b25f8a8f0bab41964810b5dd27c5e3f2
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 18:18:16 2025 -0700

    feat(team_info.tsx): show team member budget on team info

commit 1f56886b5913dafefc0c00fbe741c0c9c01144a6
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 18:15:30 2025 -0700

    feat(team_endpoints.py): get team budget table on team info

    allows user to see max budget set for team members

commit 0a4320bbfa406c24ad32a420f82152da7bdd7323
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 18:10:06 2025 -0700

    feat(team_endpoints.py): return team member budget on team info

    allows ui to display this to admin / team member

commit 6a4e29f87b333ae9977e8f878960e63becd89150
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 17:57:20 2025 -0700

    fix(team_endpoints.py): support updating team budget on UI

commit 53f0fff34032977433dfe6935ce0a684a4141fd8
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 17:38:17 2025 -0700

    feat(proxy/_types.py): return team member spend

    update pydantic object to include spend

    Allows showing spend of team member within team on UI

commit ef2a1a43ecf7fecfb904042cbf47b3d56246edcb
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 16:31:42 2025 -0700

    feat(team_endpoints.py): support 'team_member_budget' param on `/team/update`

    enables budget working across all team members

commit 512999f1249b00a02a30f049a0cfa36e829ff989
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 16:20:04 2025 -0700

    test: add unit tests for default team member budget

commit 90fa3f61a2d63e12b9f3e1da9775f5c8b7294b5f
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 15:37:51 2025 -0700

    feat(team_endpoints.py): support using default team member budget id, if set

    allows all team members to use the same budget id

commit acef5324b1a0935a482c71060f610c3d8823e8c3
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 15:22:30 2025 -0700

    feat(team_endpoints.py): support `team_member_budget` param on `/team/new`

    Allow creating 1 budget for all users within team (makes it easier to increase/reduce budget if needed for all team members)

commit 2e867ac70fbd8768e7c27cf3b078e6dc10e566b9
Author: Krrish Dholakia <krrishdholakia@gmail.com>
Date:   Fri Jun 20 13:45:06 2025 -0700

    fix(ui_sso.py): ensure user is added to team, if set via default internal settings

    allows users signed up via SSO to be added to default team
2025-06-20 23:11:53 -07:00
John Tong c36d0f667b Feat/add delete callback (#11654)
* feat(delete callback): add api and ui for deleting logging callbacks

* hotfix(delete callback): hotfix lint error

* move test case to test_litellm folder

* fix test case to use mock prisma client
2025-06-20 13:50:37 -07:00
Krish Dholakia 308e82d885 LiteLLM SDK <-> Proxy improvement (don't transform message client-side) + Bedrock - handle qs:.. in base64 file data + Tag Management - support adding public model names (#11908)
* fix(factory.py): handle qs:.. in mime type

Fixes https://github.com/BerriAI/litellm/issues/11839

* feat(litellm_proxy/): don't transform messages client-side

leave litellm proxy messages untouched - allow proxy to handle transformation

 prevents double transformation

* feat(tag_management_endpoints.py): support adding models to tag by adding model_name

Closes https://github.com/BerriAI/litellm/issues/11884

* test(test_tag_management_endpoints.py): add unit tests for adding new model by public model name

* test: update test
2025-06-19 22:34:18 -07:00
Ishaan Jaff b90d3ca8d0 [Feat] MCP - Allow connecting to MCP with authentication headers + Allow clients to specify MCP headers (#11890) (#11891)
* initial mcp auth with special header (#11890)

Co-authored-by: wagnerjt <wagnerjt@github.com>

* add mcp auth header

* fixes MCP client for litellm proxy

* fixes loc of MCP types

* fixes use MCP client for auth to MCPs

* fix organization

* fix mcp auth header

* add MCP auth header to litellm auth

* fixes for MCP auth

* Add MCP auth to list tools

* fix MCP call tool

* fixes for MCP auth header

* tests for MCP transport

* TestMCPClientUnitTests

* docs MCP auth

* fix types

* docs fix

* fix MCP auth import

* fix code qa check

* test fix mcp auth token check

---------

Co-authored-by: wagnerjt <wagnerjt@github.com>
2025-06-19 20:07:08 -07:00
Ishaan Jaff 8818347acc test scim 2025-06-18 21:42:40 -07:00
Krish Dholakia c8bdc552fb Revert "Revert "UI - allow setting default team for new users (#11874)" (#11876)" (#11877)
This reverts commit 8cfb3cfa94.
2025-06-18 21:30:59 -07:00
Krish Dholakia 8cfb3cfa94 Revert "UI - allow setting default team for new users (#11874)" (#11876)
This reverts commit 65bda75f31.
2025-06-18 21:27:59 -07:00
Krish Dholakia 65bda75f31 UI - allow setting default team for new users (#11874)
* feat(internal_user_endpoints.py): allow passing team-specific details when creating new user with team

allows assigning users to teams on creation

* feat(internal_user_endpoints.py): support for setting team values in default internal user params

Ensures admin can assign all new users to a default team

* test(test_internal_user_endpoints.py): add unit tests

* feat(ui/): allow setting default team on admin UI

easier onboarding for users

* fix(internal_user_endpoints.py): fix exception check
2025-06-18 21:27:32 -07:00
Ishaan Jaff c71d50fd09 test_handle_team_membership_changes_add_teams 2025-06-18 21:21:55 -07:00
Ishaan Jaff 3043df0d30 fixes test scimv2 2025-06-18 16:38:36 -07:00
Ishaan Jaff 4782d435ed [Fix] SCIM - Add SCIM PATCH and PUT Ops for Users (#11863)
* fix SCIM memberships Patch

* fixes for SCIM updates

* fixes for SCIM

* working provisioning for teams on SCIM

* working user patch / PUT ops SCIM

* fixes SCIM

* test_scim_v2_endpoints.py

* handle_existing_user_by_email

* fixes for provisioning SCIMUser

* fixes SCIM provisioning

* test scim v2

* fixes for linting

* fix _apply_patch_ops

* fixes code QA check for team membership checks
2025-06-18 16:24:55 -07:00
Ishaan Jaff ef336dcb38 [SCIM] Add Error handling for existing user on SCIM (#11862)
* fix handling existing user on SCIM

* test scim v2 fixes
2025-06-18 09:49:13 -07:00
Ishaan Jaff a8196159b9 [Bug Fixes] MCP - using MCPs defined on config.yaml + fix for MCP error Team doesn't exist in cache (#11824)
* fix - dont allow missing team to block MCP list response

* use HTTP as default transport

* _generate_stable_server_id

* fix list MCP servers

* ui fix

* test_list_mcp_servers_empty_result

* test_generate_stable_server_id

* _generate_stable_server_id

* fix code QA

* fix code QA
2025-06-17 16:25:12 -07:00
Krish Dholakia 87ae2cf3d7 SSO - Allow passing additional headers + Spend Tags - automatically track spend by user agent (allows cost tracking for claude code) (#11781)
* feat(ui_sso.py): allow admin to specify additional headers for sso provider

some sso providers require special headers to return a json response

* test(test_ui_sso.py): add unit tests to ensure custom headers are respect3ed

* docs(config_settings.md): document new header param

* fix(litellm_pre_call_utils.py): add spend tag tracking by user agent

allows checking spend for cli tools like claude code

* feat(litellm_pre_call_utils.py): track spend by user agent part if user agent contains "/"

allows tracking spend across user agent versions

Better cost tracking for claude cod

* test(test_litellm_pre_call_utils.py): add testing for pre call utils, user agent parsing

* fix: fix linting check
2025-06-16 21:53:40 -07:00
Ishaan Jaff c40580f892 [Fix] JWT - Fix error when team member already part of team (#11735)
* fix _check_member_duplication

* fix map_user_to_teams

* test_map_user_to_teams_handles_already_in_team_exception

* test_team_endpoints.py
2025-06-14 15:50:16 -07:00
Krish Dholakia 39de3610be fix(internal_user_endpoints.py): support user with + in email on us… (#11601)
* fix(internal_user_endpoints.py): support user with `+` in email on user info

ensures user is correctly parsed from input

* fix(factory.py): support vertex function call args as None

handles empty string in args for vertex gemini calls

* docs(langfuse_integration.md): pin langfuse sdk version on docs

* fix(vertex_ai/): return empty dict, instead of none when empty string given

* refactor: reduce function size

* fix: fix linting errors

* fix: revert check

* fix(internal_user_endpoints.py): fix check

* test: update tests

* test: update tests
2025-06-10 22:13:10 -07:00
Krish Dholakia c569056ea8 Show remaining users on UI (#11568)
* docs(deploy.md): move docker recommendation to `main-stable`

* feat(enterprise/internal_user_endpoints.py): expose endpoint for checking available premium users

* feat(usage_indictor.tsx): add new element to help track remaining premium users

* feat(usage_indicator.tsx): show premium user remaining usage

allows users with user caps to know how much is left

* fix(vertex_and_google_ai_studio_gemini.py): bubble up stream is not finished, even if stop reason is given

prevents early completion of stream

Closes https://github.com/BerriAI/litellm/issues/11549

* fix(streaming_handler.py): respect is_finished = False in hidden params

internal logic for preventing ending stream early

* fix(litellm_license.py): add function to check if user is over limit

* fix(internal_user_endpoints.py): add function to check if user is over limit

* refactor: move test

* docs(customer_endpoints.py): document new param
2025-06-09 22:04:45 -07:00
Krish Dholakia e0fa33f099 UI / SSO - Update proxy admin id role in DB + Handle SSO redirects with custom root path (#11384)
* fix(ui_sso.py): update user as proxy admin in db table, when checking for proxy_admin_id

Fixes issue where existing internal user, unable to make calls when set as proxy admin id

* fix(utils.py): fix custom base path
2025-06-03 21:16:55 -07:00
hagan 0f449bf038 [Bug Fix] Create/Update team member api 500 errror (#10479)
* Fixes issue with team_endpoints on member budget update

* refactored location of budget membership fix

* added test for _upsert_budget_membership func
2025-06-03 15:57:33 -07:00
Ishaan Jaff f247f1031b [Fix] Fix SCIM running patch operation case sensitivity (#11335)
* fix: fix SCIM patch op

* test: test SCIM patch op
2025-06-02 13:53:26 -07:00
Ishaan Jaff 68fd17d15e [Fix] QA Fixes - Vector Store Object Permissions (#11291)
* fix: QA for key,team,org permissions

* fix: add_vector_store_to_registry

* fix: refactor bedrock guard

* fix: refactor using us east 1 with vector stores

* fix: code QA checks

* fix: testing for mgmt endpoints
2025-05-31 09:41:05 -07:00
Ishaan Jaff ea841eeb9b [Feat] UI - show vector store permissions for Key, Team, Org (#11277)
* fix LiteLLM_ObjectPermissionTable

* fix include object_permission for list key

* fix key list to inclue obj permissions

* fix object permissions for vector stores on key info

* add key edit view with vector stores

* allow editing vector stores permissions

* fixes obj permissions

* feat: add obj permission on UI

* fix: add object_permission:true

* ui show org vector stores on org info

* fix: show object permissions on /org/info

* feat: allow updating obj permissions for keys

* fixes: key object permissions

* fixes: team object permissions

* fixes: org object permissions

* fix vector store selector for Orgs
2025-05-30 17:23:50 -07:00
Ishaan Jaff 711c931c71 test: fix test_key_generation_with_object_permission 2025-05-28 21:24:35 -07:00
Ishaan Jaff 4e6c4beef8 [Feat] Permission management vector stores on LiteLLM Key, Team, Orgs (#11213)
* fix: init commit for object permissions

* fix: init commit for object permissions

* fix: add vector_store_id to permissions

* fix vector store selector

* feat:add vector store permission mgmt

* feat: ui add allowed vector stores dropdown

* feat: add new vector store object permissions

* testing: key mgmt

* fix: stor vector store permissions on team

* ui select vector store for teams

* ui add vector store settings for orgs

* feat: allow setting org vector store permissions

* test: adding team permissions for vector stores
2025-05-28 16:58:53 -07:00
Krish Dholakia ef42461c1e Litellm fix GitHub action testing (#11163)
* test: add __init__.py files

* refactor: rename test folder to avoid naming conflict

* test: update workflows

* test: update tests

* test: update imports

* test: update tests

* test: remove unused import

* ci(test-litellm.yml): add pytest retry to github workflow

* test: fix test
2025-05-26 14:41:42 -07:00