[AI Gateway] Add Workers AI REST API docs and migrate examples to new…#30828
[AI Gateway] Add Workers AI REST API docs and migrate examples to new…#30828ethulia wants to merge 5 commits into
Conversation
github-actions
Bot
added
product:ai-gateway
|
This PR requires additional review attention because it affects the following areas: RedirectsThis PR changes current filenames or deletes current files. Make sure you have redirects set up to cover the following paths:
PartialsThis PR updates partial files, which are pieces of content used across multiple files in our Render component.
|
|
This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:
|
… endpoint - Add new rest-api.mdx page documenting /ai/run, /ai/v1/chat/completions, and /ai/v1/responses endpoints for calling any model via the Cloudflare API - Deprecate /compat/chat/completions endpoint on chat-completion.mdx - Update get-started, unified-billing, caching, authentication, request-handling, logging, custom-metadata, and workersai pages to use api.cloudflare.com examples instead of gateway.ai.cloudflare.com - Update chat-completions-providers partial (affects all provider pages) - Delete redundant deploy-aig-worker tutorial - Update supported-models and worker-binding-methods references
ethulia
force-pushed
the
mlu/ai-gateway-rest-api-docs
branch
from
b05d368 to
b9e9fa9
Compare
ethulia
requested review from
a team,
kathayl,
mattrothenberg,
mchenco,
palashgo,
roerohan,
superhighfives and
zeke
as code owners
![ask-bonk[bot]](https://avatars.githubusercontent.com/in/2454580?s=60&v=4){kind=small}
There was a problem hiding this comment.
1 high-priority model ID issue, 1 content discrepancy, and 1 style fix to resolve before merge.
HIGH
rest-api.mdxlistsanthropic/claude-sonnet-4as an example model, but the supported models catalog listsclaude-sonnet-4-5,claude-sonnet-4-5-20250929, andclaude-sonnet-4-20250514. Please use a valid model ID from the catalog so the copy-paste example works.manage-gateway.mdxstates that auto-creating thedefaultgateway requires thecf-aig-authorizationheader, whileget-started.mdxshows users callingapi.cloudflare.comwith the standardAuthorizationheader and claims the default gateway is auto-created. Clarify whether theAuthorizationheader on the Workers AI REST API also triggers auto-creation.
MEDIUM
custom-metadata.mdxchanges a Worker script block but still uses a barejavascriptfence. Per the style guide, Worker code must be wrapped in<TypeScriptExample>. See inline comment.
| Models use the `author/model` format: | ||
|
|
||
| - `openai/gpt-4.1` — OpenAI | ||
| - `anthropic/claude-sonnet-4` — Anthropic |
There was a problem hiding this comment.
The supported-models catalog does not list a model called claude-sonnet-4. Use the exact model ID from the catalog (for example, claude-sonnet-4-5) so this example works when copied.
There was a problem hiding this comment.
Claude sonnet 4 is a model: https://developers.cloudflare.com/ai/models/anthropic/claude-sonnet-4/
| The request that triggers auto-creation must include a valid `cf-aig-authorization` header. An unauthenticated request to a `default` gateway that does not yet exist does not create the gateway. | ||
| This means you can start sending requests without creating a gateway first — AI Gateway handles gateway creation for you. | ||
|
|
||
| The request that triggers auto-creation must include a valid `cf-aig-authorization` header. An unauthenticated request to a `default` gateway that does not yet exist does not create the gateway. For Workers AI bindings, the account identity from the binding is used instead of the header. |
There was a problem hiding this comment.
This says auto-creation requires cf-aig-authorization. However, get-started.mdx shows the new REST API using Authorization: Bearer and claims the default gateway is auto-created. Are api.cloudflare.com requests with Authorization also eligible for auto-creation? If so, this line should mention both headers.
|
|
||
| :::note | ||
| AI Gateway automatically creates a gateway for you on the first request. The gateway is created with [authentication](/ai-gateway/configuration/authentication/) turned on, so the `cf-aig-authorization` header is required for all requests. For more details on how the default gateway works, refer to [Default gateway](/ai-gateway/configuration/manage-gateway/#default-gateway). | ||
| You do not need to create a gateway before sending requests. When no gateway ID is specified, AI Gateway uses `default` as the gateway ID and automatically creates it on the first authenticated request. To use a specific gateway, add the `cf-aig-gateway-id` header to your request. For more details, refer to [Default gateway](/ai-gateway/configuration/manage-gateway/#default-gateway). |
There was a problem hiding this comment.
This note says the default gateway is auto-created on the first authenticated request, but manage-gateway.mdx states auto-creation requires the cf-aig-authorization header. Please confirm that the Authorization header used here triggers auto-creation, and update manage-gateway.mdx accordingly if so.
| @@ -60,15 +60,15 @@ import OpenAI from "openai"; | |||
|
|
|||
There was a problem hiding this comment.
This block shows a Worker script (export default { fetch }). Per the style guide, Worker code must be wrapped in <TypeScriptExample> instead of a bare javascript fence. You will also need to add import { TypeScriptExample } from "~/components"; after the frontmatter block.
|
I reviewed PR #30828 and added the Summary of changesThis PR introduces the Workers AI REST API ( Issues flaggedI posted a review with 4 inline comments. The items that need attention before merge are: HIGH
MEDIUM
The redirect for the deleted tutorial ( |
|
/bonk review this |
|
@ethulia Bonk workflow was cancelled. View workflow run · To retry, trigger Bonk again. |
|
/bonk review this |
| --- | ||
|
|
||
| The following models are supported for [unified billing](/ai-gateway/features/unified-billing/) when using the AI Gateway REST API, including the [OpenAI-compatible endpoint](/ai-gateway/usage/chat-completion/) and [provider-native endpoints](/ai-gateway/usage/providers/). | ||
| The following models are supported for [unified billing](/ai-gateway/features/unified-billing/) when using the [OpenAI-compatible endpoint](/ai-gateway/usage/chat-completion/) or [provider-native endpoints](/ai-gateway/usage/providers/). |
There was a problem hiding this comment.
Add the REST API to the list since it is the new primary way to call third-party models with Unified Billing:
|
I have completed my review of PR #30828. Verdict: All three issues flagged in the previous MEDIUM (2 suggestions posted inline):
On the model ID point: while |
|
|
||
| If Authenticated Gateway is enabled but a request does not include the required `cf-aig-authorization` header, the request will fail. This setting ensures that only verified requests pass through the gateway. To bypass the need for the `cf-aig-authorization` header, make sure to disable Authenticated Gateway. | ||
| ::: | ||
| When using the [REST API](/ai-gateway/usage/rest-api/), pass your Cloudflare API token in the standard `Authorization` header. When using [provider-native endpoints](/ai-gateway/usage/providers/) at `gateway.ai.cloudflare.com`, use the `cf-aig-authorization` header instead. |
There was a problem hiding this comment.
the unified Cloudflare REST API?
There was a problem hiding this comment.
IMO qualifiers like "unified" only makes sense to people who knew that it was not unified before? but if you're looking at this fresh, it's just the REST API. And if you check the Workers AI docs seeing that it's the same just makes sense.
There was a problem hiding this comment.
i do think we should add a Deprecation note
about how gateway.ai.cloudflare.com will still work, but we suggest everyone migrate to the new REST API endpoint?
|
|
||
| 1. Go to the Settings for the specific gateway you want to enable authentication for. | ||
| 2. Select **Create authentication token** to generate a custom token with the required `Run` permissions. Be sure to securely save this token, as it will not be displayed again. | ||
| 3. Include the `cf-aig-authorization` header with your API token in each request for this gateway. |
There was a problem hiding this comment.
i think we should tab this so it's:
3. Include the API token:
- If using the unified AI Rest API
/ai/run, include Cloudflare API token in the standardAuthorizationheader - If using the provider-native endpoints at
gateway.ai.cloudflare.com, use thecf-aig-authorizationheader
| defaultHeaders: { | ||
| "cf-aig-authorization": `Bearer {token}`, | ||
| }, | ||
| apiKey: CLOUDFLARE_API_TOKEN, |
There was a problem hiding this comment.
is it not process.env.CLOUDFLARE_API_TOKEN? (idk)
| - `openai/gpt-4.1` — OpenAI | ||
| - `anthropic/claude-sonnet-4` — Anthropic | ||
| - `google-ai-studio/gemini-2.5-flash` — Google AI Studio | ||
| - `meta/llama-3.3-70b-instruct-fp8-fast` — Workers AI (Llama) |
There was a problem hiding this comment.
can we make this kimi :) moonshotai/kimi-k2.6
| } | ||
| ``` | ||
|
|
||
| When omitted, Cloudflare routes the request to the preferred provider for that model. |
There was a problem hiding this comment.
or just move this above the code block imo
|
|
||
| - `openai/gpt-4.1` — OpenAI | ||
| - `anthropic/claude-sonnet-4` — Anthropic | ||
| - `google-ai-studio/gemini-2.5-flash` — Google AI Studio |
There was a problem hiding this comment.
this would be google/gemini-3-flash, for example
There was a problem hiding this comment.
ah thank you good catch
10 participants
… endpoint
Summary
Screenshots (optional)
Documentation checklist