Commit Graph

115 Commits

Author SHA1 Message Date
Ishaan Jaff 17ea770ab5 [Feat] SSO - Allow users to run a custom sso login handler (#12465)
* fix return_ui_sso_redirect_response_after_sign_in

* add CustomSSOLoginHandler

* add handle_custom_ui_sso_sign_in

* fix handle_custom_ui_sso_sign_in

* fixes for /sso/key/generate

* add test_handle_custom_ui_sso_sign_in_success

* fixed for loading config

* add example custom handler

* test_custom_ui_sso_sign_in_handler_config_loading

* docs - custom sso

* move to enterprise folder

* EnterpriseCustomSSOHandler

* handle_custom_ui_sso_sign_in

* docs custom sso

* docs sso

* docs custom sso

* get_redirect_response_from_openid

* fix mock tests
2025-07-09 16:36:30 -07:00
Jugal D. Bhatt a12bbe7da4 Litellm mcp internal users (#12458)
* added mcp tools on internal user and divide it by teams

* add support for server api call

* Added frontend for test key

* added tools used output

* fix ui for servers

* All servers to personal

* change columns format

* revert ui logic

* Added vertical align

* fix mapped tests

* fix lint

* fix lint

* remove extra file

* fix ui test

* comments fixes

* change query type

* change query type

* change query type

* Update model_checks.py
2025-07-09 16:30:51 -07:00
Ishaan Jaff afd382d09f [Feat] MCP Gateway - Allow customizing what client side header to use (#12460)
* add _get_mcp_auth_header_from_headers

* test_process_mcp_request_with_custom_auth_header

* Using a different Authentication Header

* fix customize MCP Auth header name
2025-07-09 12:30:20 -07:00
Krish Dholakia c42880d771 fix(utils.py): rollback faulty security check on files (#12441)
* fix(utils.py): rollback faulty security check on files

Closes https://github.com/BerriAI/litellm/issues/11009

* fix(route_checks.py): add unit tests
2025-07-08 22:11:06 -07:00
Krish Dholakia c4af2eb5e2 MCP - usage tracking (#12397)
* fix(common_daily_activity.py): initial commit with working mock BE endpoint for mcp usage

* feat(ui/): show mcp server activity on UI

allows admin to know which mcp's are being used

* feat(common_daily_activity.py): return activity by key

* feat(ui/): show top api keys for a given model / mcp server

allow user to know which key is driving spend

* fix(common_daily_activity.py): use known mcp server names

* feat(server.py): log the namespaced tool name (includes server prefix)

allow accurate cost tracking

* feat(db_spend_update_writer.py): log by mcp_namespaced_tool_name

store aggregate daily activity by mcp_namespaced_tool_name

Enables cost / usage tracking by mcp tool name

* fix(server.py): add key/user metadata to mcp calls

* refactor(common_daily_activity.py): update to return mcp activity in API

* fix(common_daily_activity.py): handle empty key

* fix(common_daily_activity.py): track when api key is empty

* test(test_spend_management_endpoints.py): update tests

* fix: fix ui linting error

* fix: fix linting errors

* test: add missing key

* build(schema.prisma): add mcp tool tracking

* fix(migration.sql): add schema migration file

* feat(server.py): add request logging for mcp calls

enables storing the mcp calls

* fix(new_usage.tsx): fix linting errors

* fix: fix code qa errors

* fix(activity_metrics.tsx): fix ui linting errors post-merge

* fix(types/utils.py): fix linting error

* fix(server.py): always have name
2025-07-08 22:08:16 -07:00
Ishaan Jaff d720b3d369 [Bug fix] Multiple API Keys Created on Startup When max_budget is Enabled (#12436)
* fix _add_proxy_budget_to_db

* fix if table_name is not None and table_name == "user":

* revert earlier change

* test_add_proxy_budget_to_db_only_creates_user_no_keys

* lint fix
2025-07-08 16:46:05 -07:00
Ishaan Jaff 5cad0dd94b [Feat] Add MCP Cost Tracking (#12385)
* fix MCP_TOOL_NAME_PREFIX

* test_mcp_cost_tracking

* init MCPCostCalculator

* add call_mcp_tool

* calculate_mcp_tool_call_cost

* add MCPServerCostInfo

* add mcp_server_cost_info

* add mcp_server_cost_info

* pass through litellm_logging_obj

* logged_standard_logging_payload

* fix logging MCP tool call

* test_mcp_cost_tracking_per_tool

* fix NewMCPServerRequest

* fix add_update_server

* add MCP info to schema.prisma

* fix create_mcp_server

* working custom cost per call

* fix mcp server cost

* fix MCPCostCalculator

* TestMCPCostCalculator
2025-07-07 21:08:10 -07:00
Ishaan Jaff 0a36f89009 [Bug Fix] s3 config.yaml file - ensure yaml safe load is used (#12373)
* use yaml safe load

* test_get_file_contents_from_s3_no_temp_file_creation
2025-07-07 14:42:33 -07:00
Krish Dholakia bda9eecd45 Litellm dev 07 05 2025 p3 (#12349)
* refactor(aim.py): refactor to support adding aim guardrails on UI

* fix(base.py): add ui_friendly_name to config model

* feat(ui/): support loading new guardrails from backend api call

removes need to onboard each guardrail to ui

* fix: don't show optional params if not set and don't show ui_friendly_name (internal param0

* fix(ui/add_guardrail_form.tsx): ensure dynamic provider value is used

* fix(ui/): just one-time update the provider map dictionary

* fix(ui/): show masked api base / api key on guardrail update

* refactor(aporia_ai/): refactor to show on UI

* feat(aporia_ai/): add aporia ai guardrail to UI

* refactor(guardrails_ai/): refactor to add via UI

* refactor(lasso.py): refactor to enable adding lasso guardrails via UI

* feat(pangea.py): add pangea guardrail on UI

* feat(panw): add panw prisma airs through UI

* test: update tests

* fix: fix ruff linting error

* test: update tests

* fix: add missing docs

* fix: fix guardrail init

* fix: suppress linting errors

* fix(proxy_server.py): fix linting error
2025-07-05 18:44:00 -07:00
Krish Dholakia e7f1fa26ab UI - Azure Content Guardrails (#12341)
* build(model_prices_and_context_window.json): remove 'supports_tool_choice' for specific mistral models

Closes https://github.com/BerriAI/litellm/issues/11750

* feat: initial commit adding cleaner ui for azure text moderation guardrails

* feat(guardrail_endpoints.py): add discoverable guardrail configs and improve converting base model to dict with types

* fix(guardrail_provider_fields.tsx): render from api endpoint correctly

* fix(guardrail_provider_fields.tsx): cleanup

* refactor(guardrail_endpoints.py): refactor to handle dictionaries with literal - allows multiselect

* feat(ui/): render dictionary with known keys correctly

* feat(ui/): render optional params on separate page

* style(ui/): style improvements to rendering optional params on the UI

* feat(azure/prompt_shield.py): add azure prompt shield back on UI

* fix(add_guardrail_form.tsx): fix form to handle updated api

* fix(guardrail_optional_params.tsx): ensure values are nested correctly for writing to api

* fix: fix linting error

* feat(text_moderation.py): handle str to int conversion

* fix(guardrail_info.tsx): only render pii settings if guardrail is presidio

* fix(guardrail_info.tsx): add guardrail specific fields to update settings

allows updating guardrail fields (e.g. severity threshold) post-create

* fix(guardrail_endpoints.py): set guardrail_id in guardrail object

ensures duplicate objects not created on guardrail update

* fix(guardrail_endpoints.py): allow provider specific fields to be updated on patch update

* refactor(guardrail_endpoints.py): remove duplicate info endpoint

* fix(guardrail_endpoints.py): mask sensitive keys on returning via guardrail `/info`

Prevent leaking keys

* fix(guardrail_optional_params.tsx): return numerical input when numerical component used

fixes issue where output was a str

* fix(guardrail_optional_params.tsx): render dict keys correctly

* fix(text_moderation.py): fix severity by category check

* fix(proxy/utils.py): check if guardrail should run for post call streaming hook

Prevents invalid guardrails from running if not requested

* test: fix import

* fix: fix linting error

* test: update test

* fix: fix tests

* fix: fix code qa errors

* fix(guardrail_endpoints.py): set max depth for function

* test: update recursive_detector.py

* test: update list

* build: merge main

* fix: fix ruff check errors
2025-07-05 10:19:29 -07:00
Krish Dholakia df47008818 UI - Add Azure Content Safety Guardrails (improved UX) (#12330)
* build(model_prices_and_context_window.json): remove 'supports_tool_choice' for specific mistral models

Closes https://github.com/BerriAI/litellm/issues/11750

* feat: initial commit adding cleaner ui for azure text moderation guardrails

* feat(guardrail_endpoints.py): add discoverable guardrail configs and improve converting base model to dict with types

* fix(guardrail_provider_fields.tsx): render from api endpoint correctly

* fix(guardrail_provider_fields.tsx): cleanup

* refactor(guardrail_endpoints.py): refactor to handle dictionaries with literal - allows multiselect

* feat(ui/): render dictionary with known keys correctly

* feat(ui/): render optional params on separate page

* style(ui/): style improvements to rendering optional params on the UI

* feat(azure/prompt_shield.py): add azure prompt shield back on UI

* fix(add_guardrail_form.tsx): fix form to handle updated api

* fix(guardrail_optional_params.tsx): ensure values are nested correctly for writing to api

* fix: fix linting error

* test: update tests

* fix mapped tests (#12320)

* fix - use flush llm client cache

* faster mapped tests

* test_async_multiple_response_ids_routing

* fix tests

* test_ateam_member_update_admin_requires_premium

* regular mapped tests

* Revert "Fix: Initialize JSON logging for all loggers when JSON_LOGS=True (#12206)"

This reverts commit 2c60c316ec.

* reset num workers

* check_for_litellm_module_deletion

* add test

* add code_qa_check_tests

* ci/cd new release

* docs(opentelemetry_integration.md): add otel debug flag to docs

help people debug their traces easily

* [Feat] Add failure logging support for s3 logger (#12299)

* add async_log_failure_event

* test_basic_s3_v2_logging_failure

* Comma separated spend and budget (#12317)

* all_keys_table, key_info_view, organizations

* teams

* the whole usage page

* teams page

* users table

* user info

* more commas

* some more commas

* Segregate MCP tools on connections using headers (#12296)

* Add get tools segregation

* add ui changes (#12302)

* resolve comments

* add mapped tests

* remove advanced settings (#12323)

* [Bug Fix] /generateContent API - Only pass supported params when using OpenAI models (#12297)

* fix - only pass GenericLiteLLMParams

* test_google_generate_content_with_openai

* Fix: Fix custom ca bundle support in aiohttp transport (#12281)

* Unify usage of get_ssl_configuration

* Fix doc

* [Feat] Add github co-pilot as a new LLM API provider (#12325)

* Litellm dev 03 05 2025 contributor prs (#9079)

* feat: add support for copilot provider

* test: add tests for github copilot

* chore: clean up github copilot authenticator

* test: add test for github copilot authenticator

* test: add test for github copilot for sonnet 3.7 thought model

* Fix #7629 - Add tzdata package to Dockerfile (#8915)

* Add tzdata package to Dockerfile

* Move tzdata to python requirement.txt

* feat: add support for copilot provider (#8577)

* feat: add support for copilot provider

* test: add tests for github copilot

* chore: clean up github copilot authenticator

* test: add test for github copilot authenticator

* test: add test for github copilot for sonnet 3.7 thought model

---------

Co-authored-by: Krish Dholakia <krrishdholakia@gmail.com>

* feat: add model information for copilot models

* fix: fix linting errors

* test: remove integration test for github_copilot + fix misisng mock

* fix: use print to make sure the logger message shown

* test: remove debug print

* fix lint (#11112)

* Add init files to make test directories Python packages and update import paths in test_token_counter.py (#11119)

* Update litellm/model_prices_and_context_window_backup.json

Co-authored-by: மனோஜ்குமார் பழனிச்சாமி <smartmanoj42857@gmail.com>

---------

Co-authored-by: Son H. Nguyen <nhs.000.dev@gmail.com>
Co-authored-by: subnet.dev <50828879+subnet-dev@users.noreply.github.com>
Co-authored-by: Son H. Nguyen <33925625+nhs000@users.noreply.github.com>
Co-authored-by: மனோஜ்குமார் பழனிச்சாமி <smartmanoj42857@gmail.com>
Co-authored-by: Ishaan Jaff <ishaanjaffer0324@gmail.com>

* refactor github copilot

* test_github_copilot_transformation.py

* test_github_copilot_authenticator.py

* add GitHub Copilot

* fix order

* doc fix

---------

Co-authored-by: Krish Dholakia <krrishdholakia@gmail.com>
Co-authored-by: Son H. Nguyen <nhs.000.dev@gmail.com>
Co-authored-by: subnet.dev <50828879+subnet-dev@users.noreply.github.com>
Co-authored-by: Son H. Nguyen <33925625+nhs000@users.noreply.github.com>
Co-authored-by: மனோஜ்குமார் பழனிச்சாமி <smartmanoj42857@gmail.com>

* add new env vars to docs

* ssl_cert_error (#12327)

* feat - add new banner on startup (#12328)

* [Security Bug Fix] Ensure only LLM API route fails get logged on Langfuse (and other loggers) (#12308)

* _is_proxy_only_llm_api_error

* test_proxy_only_error_true_for_llm_route

* add not on change

* Update tests/test_litellm/proxy/test_proxy_utils.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* add test_post_call_failure_hook_auth_error_key_info_route

* test fix _is_proxy_only_llm_api_error

* test_chat_completion_request_with_redaction

* test_post_call_failure_hook_auth_error_llm_api_route

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Ensure message redaction works for responses API logging (#12291)

* add fixes to choice implementation redaction

* add isInstance check on responses API

* change datadog to revert back

* change datadog to revert back

* fix type errors

* Redaction test changes

* Redaction test changes

* Redaction test changes - remove changes

* [Feat] UI - Allow Viewing/Editing Team Based Callbacks (#12329)

* add logging settings view on UI

* fix change ordering

* fix type error

* test fix - import loc

* [Feat] QA -  Arize Team based logging (#12331)

* add _get_tracer_with_dynamic_headers

* fix construct_dynamic_arize_headers

* [Feat] UI - Allow Viewing/Editing Team Based Callbacks (#12329)

* add logging settings view on UI

* fix change ordering

* add construct_dynamic_otel_headers for arize

* refactor common code

* test_construct_dynamic_arize_headers

* otel unit tests

* test_arize_dynamic_params

* test_arize_dynamic_headers_in_grpc_requests

* [Feat] UI - Allow setting Logging Callback Setting per Key (#12333)

* allow adding logging settings on a key

* add ability to edit key logging settings

* dont leak api keys on ui

* fix order

* add langsmith settings

* ui new build

* test_default_api_base

* fix new utils tests

* bump: version 1.73.7 → 1.74.0

* Add mcp server segregation comma separated support (#12326)

* add mcp comma separated support

* dont support legacy json array

* lint

* add live tail state to session storage (#12335)

* add aiml

* fix: fix unused imports

---------

Co-authored-by: Ishaan Jaff <ishaanjaffer0324@gmail.com>
Co-authored-by: tanjiro <56165694+NANDINI-star@users.noreply.github.com>
Co-authored-by: Jugal D. Bhatt <55304795+jugaldb@users.noreply.github.com>
Co-authored-by: Joost van Doorn <joost.van.doorn@gmail.com>
Co-authored-by: Son H. Nguyen <nhs.000.dev@gmail.com>
Co-authored-by: subnet.dev <50828879+subnet-dev@users.noreply.github.com>
Co-authored-by: Son H. Nguyen <33925625+nhs000@users.noreply.github.com>
Co-authored-by: மனோஜ்குமார் பழனிச்சாமி <smartmanoj42857@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-07-05 09:24:54 -07:00
Ishaan Jaff 738db9336e [Feat] JWT - Sync user roles and team memberships when JWT Auth is used (#11994)
* add JWTLiteLLMRoleMap

* test_sync_user_role_and_teams

* add sync_user_role_and_teams

* test_sync_user_role_and_teams

* fix types

* Sync User Roles and Teams with IDP

* Add test for JWT role mapping to LiteLLM roles
2025-07-05 08:58:34 -07:00
Jugal D. Bhatt 529f67f544 Add mcp server segregation comma separated support (#12326)
* add mcp comma separated support

* dont support legacy json array

* lint
2025-07-05 00:08:43 -07:00
Ishaan Jaff ff7dd1756a [Security Bug Fix] Ensure only LLM API route fails get logged on Langfuse (and other loggers) (#12308)
* _is_proxy_only_llm_api_error

* test_proxy_only_error_true_for_llm_route

* add not on change

* Update tests/test_litellm/proxy/test_proxy_utils.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* add test_post_call_failure_hook_auth_error_key_info_route

* test fix _is_proxy_only_llm_api_error

* test_chat_completion_request_with_redaction

* test_post_call_failure_hook_auth_error_llm_api_route

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-07-04 14:42:42 -07:00
Ishaan Jaff 39955129f5 fix mapped tests (#12320)
* fix - use flush llm client cache

* faster mapped tests

* test_async_multiple_response_ids_routing

* fix tests

* test_ateam_member_update_admin_requires_premium

* regular mapped tests

* Revert "Fix: Initialize JSON logging for all loggers when JSON_LOGS=True (#12206)"

This reverts commit 2c60c316ec.

* reset num workers
2025-07-04 10:04:43 -07:00
Ishaan Jaff 0835011388 test fix creds test 2025-07-03 22:01:52 -07:00
Ishaan Jaff 9c8619ed10 test fix 2025-07-03 21:16:26 -07:00
Ishaan Jaff 81d96b9ffe fix test models 2025-07-03 21:16:26 -07:00
Ishaan Jaff bffe5bec7d test fix cli credentials 2025-07-03 21:08:35 -07:00
Ishaan Jaff e03686de5f tests fix use correct import responses 2025-07-03 21:06:31 -07:00
Ishaan Jaff 4293dd2c2a test: stabilize credentials CLI patch (#12305) 2025-07-03 18:09:32 -07:00
Ishaan Jaff 3ad6b36ffc test: patch CredentialsManagementClient in CLI (#12304) 2025-07-03 17:01:50 -07:00
Ishaan Jaff 782ba9f5a0 sys.path.insert for cli tests 2025-07-03 15:58:49 -07:00
Ishaan Jaff 81948d4198 fix test 2025-07-03 15:37:10 -07:00
Ishaan Jaff e75f4c8561 TestCallbackManagementEndpoints 2025-07-03 15:00:53 -07:00
Cole McIntosh adfe63cf3a fix: handle proxy internal callbacks in callback management test (#12294)
The test_list_callbacks_mixed_callback_types test was failing when run in parallel with other tests due to the proxy server's internal _PROXY_VirtualKeyModelMaxBudgetLimiter callback persisting across test runs. This fix filters out proxy internal callbacks from the test assertions to ensure consistent test behavior regardless of test execution order or parallelization.
2025-07-03 14:28:46 -07:00
Ishaan Jaff 9cc144e3cb test add clear_existing_callbacks 2025-07-03 12:00:36 -07:00
Ishaan Jaff 96d5f891df fix test 2025-07-03 11:18:41 -07:00
Ishaan Jaff ba5af3e44b fix keys delete 2025-07-03 11:18:10 -07:00
Ishaan Jaff c3909d6f50 test_keys_delete_error_handling 2025-07-03 10:04:59 -07:00
dcieslak19973 d480cea8b0 Add azure_ai cohere rerank v3.5 (#12283)
* Add azure_ai cohere rerank v3.5

* Fix CI error
2025-07-03 10:01:45 -07:00
Ishaan Jaff 282ce1a859 test - fix delete keys 2025-07-02 22:23:10 -07:00
Krish Dholakia 42cd05dee8 Add Azure Content Safety Guardrails to LiteLLM proxy (#12268)
* feat(azure/prompt_shield.py): initial commit adding prompt shield guardrail + auto discovery mechanism for guardrails

reduces amount of code needed outside of guardrail integration for instrumentation

* feat(azure/prompt_shield.py): working azure prompt shield guardrail integration

Addresses https://github.com/BerriAI/litellm/issues/12254

* test: unit tests for prompt_shield

* fix(prompt_shield.py): add event hook validation for prompt shield guardrail

ensures prompt shield guardrail raises error if asked to run post_call (only runs on user prompt)

* feat(azure/): working text_moderation integration

* fix(text_moderation.py): suppress linting error

* test(test_azure_text_moderation.py): add unit test

* test(test_azure_text_moderation.py): add unit test for responses

* fix(text_moderation.py): return streaming error correctly

ensures error returned to user

* fix: fix linting error

* fix: fix linting check

* test: change mistral model

service tier exceeded

* fix(exception_mapping_utils.py): cover mistral in exception mapping
2025-07-02 21:34:19 -07:00
Jugal D. Bhatt 5fe01b9a2b Add MCP servers header to the scope of header (#12266)
* add mcp header param

* rename class

* fix tests

* fix tests

* added ruff fixes

* fix ruff checks

* added mypy type checking
2025-07-02 20:22:14 -07:00
Ishaan Jaff eef0623443 [Feat] Add Arize Team Based Logging (#12264)
* working KeyAndTeamLoggingSettings

* add arize_space_id to StandardCallbackDynamicParams

* add construct_dynamic_arize_headers

* add construct_dynamic_arize_headers to

* update otel arize logging

* fix imports

* test_construct_dynamic_arize_headers

* dynamic key/team settings

* test_get_dynamic_logging_metadata_with_arize_team_logging
2025-07-02 17:15:35 -07:00
Ishaan Jaff a6527e5010 [Feat] Add litellm-proxy cli login for starting to use litellm proxy (#12216)
* add handlers for auth commands

* add login, logout, whoami

* refactor auth

* add CLI Authentication Flow

* add SSO sign in constants

* add itellm-session-token

* fixes for managing state with cli

* use locally stored context for cli session

* add litellm banner + interactive shell

* update main.py

* update auth to show commands

* fix ui sso render

* add TestCLISSOCallbackFunction

* update banner.py

* remove file

* fix cli sso success

* TestTokenUtilities

* fix code qa

* fix execute_command

* fix cli_sso_callback

* fix import

* Authentication using CLI
2025-07-01 18:11:19 -07:00
Jason Roberts cc480f94c9 Fix/move panw prisma airs test file location per feedback on PR #12116 (#12175)
* Move PANW Prisma AIRS test per feedback on PR #12116

- Move test to tests/test_litellm/proxy/guardrails/guardrail_hooks/

* Remove test file from old location
2025-07-01 18:08:04 -07:00
Cole McIntosh abe364c2bc Fix: Ensure exception is not None before checking its string representation (#12209)
The test_keys_delete_error_handling test was failing with:
- ConnectionError when the mock wasn't properly applied
- The test was checking str(result.exception) without first verifying exception exists

This fix adds an explicit check that result.exception is not None before
attempting to convert it to string, preventing potential AttributeError
and making the test more robust.
2025-07-01 12:30:31 -07:00
Krish Dholakia ee9dd158dd Fix - handle empty config.yaml + Fix gemini /models - replace models/ as expected, instead of using 'strip' (#12189)
* fix(proxy_server.py): handle empty config yaml

Fixes https://github.com/BerriAI/litellm/issues/12163

* fix(gemini/common_utils.py): replace models/ as expected, instead of using 'strip'

Fixes https://github.com/BerriAI/litellm/issues/12160

* fix(anthropic/experimental_pass_through/messages/transformation.py): check for env var when selecting api key

* docs(config_settings.md): add api key to docs
2025-06-30 21:56:03 -07:00
Krish Dholakia cec7e4941a UI QA Fixes - prevent team model reset on model add + return team-only models on /v2/model/info + render team member budget correctly (#12144)
* fix(team_endpoints.py): prevent overwriting current list of team models on new model add

* fix(networking.tsx): fix default proxy base url

* fix(proxy_server.py): include team only models when retrieving all deployments on `/v2/model/info` helper util

ensures team only models are shown to user

* fix(router.py): check model name by team public model name when team id given

Fixes issue where team member could not see team only models when clicking into that team on `Models + Endpoints`

* fix(team_member_view.tsx): fix rendering team member budget, when budget is set

* test: update tests

* test: update unit test
2025-06-28 22:04:49 -07:00
Cole McIntosh 6578133bb7 Fix user-team association issues in LiteLLM proxy (#12082)
* Fix user-team association issues in LiteLLM proxy

- Update list_team function to properly filter teams using user's teams array instead of only checking members_with_roles field
- Add Field descriptions and docstring to TeamMemberAddRequest and related models for better Swagger/OpenAPI documentation
- Maintain backward compatibility with fallback to members_with_roles if user lookup fails

This ensures users created with teams parameter appear correctly in team views and improves API documentation.

* Fix duplicate member checking in team_member_add endpoint

- Enhanced team_member_add_duplication_check to check both user_id and user_email
- Added additional duplicate prevention logic after user creation/lookup
- Fixed issue where users added by email could be duplicated in teams
- Added logging for debugging duplicate detection

This addresses the bug where adding the same user by email multiple times would create duplicate entries in the team's members_with_roles array.

* Improve duplicate member prevention in team_member_add

- Enhanced early duplicate check to handle both user_id and user_email
- Added late-stage duplicate prevention after user lookup/creation
- Fixed issue where users could be added multiple times by email
- Cleaned up debug logging

Note: There's still an edge case where the duplicate prevention may not work
correctly in all scenarios. This needs further investigation and testing.

* Refactor team_member_add endpoint for improved member management

- Split team_member_add functionality into smaller, dedicated functions for permission validation, member processing, and team member list updates.
- Enhanced permission checks to ensure only authorized users can add members.
- Streamlined member addition logic to reduce redundancy and improve readability.
- Maintained existing functionality while improving code structure and maintainability.

* Add tests for team_member_add helper functions

- Add test for _validate_team_member_add_permissions with admin user
- Add test for _validate_team_member_add_permissions with non-admin user
- Add test for _process_team_members with single member
- Add test for _process_team_members with multiple members
- Add test for _update_team_members_list with new member
- Add test for _update_team_members_list duplicate prevention

These tests ensure the refactored helper functions work correctly
after fixing the PLR0915 linting error.
2025-06-27 21:29:49 -07:00
Krish Dholakia e8d7537b57 Raise clearer error on Anthropic Unified route + allow setting new_key on /key/regenerate
* fix(llm_http_handler.py): raise clearer error on anthropic unified route

Fixes https://github.com/BerriAI/litellm/issues/12063

* fix(key_management_endpoints.py): add new param `new_key` for setting the regenerated key value

user request

* test: add unit tests

* fix(pass_through_endpoints.py): use data instead of json for passthrough requests

fixes bedrock latency issue

* Revert "fix(pass_through_endpoints.py): use data instead of json for passthrough requests"

This reverts commit 021dfd9165f837d37e6aad247ccbd0d2e8ca6043.
2025-06-26 21:56:03 -07:00
Cole McIntosh e4bc213bfe fix(proxy): Add managed_files hook to test_mock_create_audio_file
The test was failing because the managed_files hook was not configured.
This fix adds a DummyManagedFiles class and mocks the create_file
function as an AsyncMock to ensure proper test execution.
2025-06-26 10:42:25 -06:00
Krish Dholakia e2f6fb2d7c Managed Files + Batches - filter deployments to only those where file was written + save all model file id mappings in DB (prev just 1st one) (#12048)
* test(test_router.py): initial unit test confirming router.afile_content uses dynamic api key / api base

* fix(managed_files.py): filter deployments for only those within file id mapping

ensure call works - only route to models where the file was written

* fix(proxy_server.py): fix loading in model ids from config, if config id is int

* fix(router.py): return all model file id mappings on create_file

if multiple deployments - this ensures all the file id mappings are bubbled up

Fixes issue when trying to use loadbalanced deployments - only 1 file id mapping was being stored
2025-06-25 21:27:06 -07:00
Ishaan Jaff de86246e14 test fixes 2025-06-25 18:42:06 -07:00
Krish Dholakia 1a4ad8bf18 Update mistral 'supports_response_schema' field + Fix ollama embedding (#12024)
* build(model_prices_and_context_window.json): update all mistral models (besides codestral-mamba) to indicate support for response schema

Closes https://github.com/BerriAI/litellm/issues/12012

* fix(route_llm_request.py): if llm router is not initialized, go straight through to litellm sdk

Fixes https://github.com/BerriAI/litellm/issues/12008

* test: add unit test

* fix(ollama_embeddings): fix unecessary await

Fixes https://github.com/BerriAI/litellm/issues/11997

* test: update ollama embedding tests
2025-06-25 07:20:13 -07:00
Krish Dholakia ac15ca3014 Teams - Support default key expiry + UI - support enforcing access for members of specific SSO Group (#12023)
* fix(team_endpoints.py): support setting default key expiry

allows admin to set key expiry on all team member keys

makes it easier to setup default team for experimentation

* feat(key_management_endpoints.py): allows admin to set duration for keys created by team members

* feat(team_endpoints.py): support team_member_key_duration on `/team/update`

allows setting max time team member keys are valid for

* fix(team_info.tsx): ui component to update team member key duration

* fix(team_info.tsx): support updating team member key duration, if set

* feat(teams.tsx): add team member key duration param ui component

allow admin to set this on UI

* feat(ui_sso.py): support restricting ui access by sso group

allows controlling who can/can't access the UI

* feat(ssomodals.tsx): add initial commit adding sso group access to admin ui

* feat(proxy_server.py): support reading + writing ui_access_mode from db

allows admin to configure allowed sso groups from UI

* feat(ui_sso.py): support enforcing all teams on sso jwt handler

if ui access mode set via ui, support reading the value and enforcing it

* feat(ui/): ui component for controlling sso access group

allow admin to only allow users within specific sso group to log into UI

* fix(uiaccesscontrolform.tsx): fix field names

* feat(ui_sso.py): return received sso response in the clientside error message - enables easier debugging

* test: add unit tests

* fix: minor fixes
2025-06-24 21:58:07 -07:00
Ishaan Jaff b9feb43dac [Bug Fix] SCIM - Ensure new user roles are applied (#12015)
* SCIM fix new user roles

* test_create_user_defaults_to_viewer

* test_create_user_uses_default_internal_user_params_role

* fix default user for SCIM

* fix linting error
2025-06-24 13:22:56 -07:00
Ishaan Jaff b5c48c8c22 [Feat] Add List Callbacks API Endpoint (#11987)
* add get_callbacks_by_type

* add list_callbacks

* fix _get_callback_string

* add callback_management_endpoints_router

* fix proxy config.yaml

* fixes list callbacks

* TestCallbackManagementEndpoints

* update docs

* docs Response Fields

* docs header format

* docs Dynamic Callback Management
2025-06-23 15:34:25 -07:00
Krish Dholakia 7f3d8bb9c5 Management Fixes - don't apply default internal user settings to admins + preserve all model access for teams with empty model list, when team model added + /v2/model/info fixes (#11957)
* fix(internal_user_endpoints.py): don't apply default internal user params if role is admin

prevent internal user restrictions from being applied to admin

* fix(proxy_server.py): fix model info v2 endpoint check - handle user_id being none

* fix(team_endpoints.py): ensure team doesn't lose all model access if set as empty string and new team model added

* fix(proxy_server.py): ensure model with team id is only added as valid for team which has that id
2025-06-21 20:33:10 -07:00