Manifest Structure

Manifest Structure

The .bifrost/ directory contains system-generated YAML files that declare all platform entities in your workspace. These files are used for Git synchronization, validation, and portable workspace definitions.

Caution

Manifest files are read-only. The Code Editor blocks writes to .bifrost/. Do not edit these files manually — they are regenerated automatically when you create, update, or delete platform entities.

Directory Layout

.bifrost/
├── organizations.yaml
├── roles.yaml
├── workflows.yaml
├── integrations.yaml
├── configs.yaml
├── tables.yaml
├── knowledge.yaml
├── events.yaml
├── forms.yaml
├── agents.yaml
└── apps.yaml

Each file corresponds to one entity type. Files are omitted entirely if there are no entities of that type.

Key Files

workflows.yaml

Declares all registered workflows, tools, and data providers:

workflows:
  create_user:
    id: "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
    path: "create_user.py"
    function_name: "create_user"
    type: "workflow"
    category: "User Management"
    tags:
      - onboarding
    endpoint_enabled: false
    timeout_seconds: 1800
  get_departments:
    id: "b2c3d4e5-f6a7-8901-bcde-f12345678901"
    path: "data_providers/departments.py"
    function_name: "get_departments"
    type: "data_provider"

integrations.yaml

Declares integrations with their config schemas and OAuth providers:

integrations:
  microsoft:
    id: "c3d4e5f6-a7b8-9012-cdef-123456789012"
    config_schema:
      - key: "tenant_id"
        type: "string"
        required: true
        description: "Azure AD tenant ID"
    oauth_provider:
      provider_name: "microsoft"
      oauth_flow_type: "authorization_code"
      scopes:
        - "https://graph.microsoft.com/.default"

events.yaml

Declares event sources (webhooks and schedules) with their subscriptions:

events:
  daily_sync:
    id: "d4e5f6a7-b8c9-0123-def0-123456789013"
    source_type: "schedule"
    cron_expression: "0 6 * * *"
    timezone: "America/New_York"
    schedule_enabled: true
    subscriptions:
      - id: "e5f6a7b8-c9d0-1234-ef01-234567890124"
        workflow_id: "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
        is_active: true
  halopsa_tickets:
    id: "f6a7b8c9-d0e1-2345-f012-345678901235"
    source_type: "webhook"
    adapter_name: "halopsa"
    subscriptions:
      - id: "a7b8c9d0-e1f2-3456-0123-456789012346"
        workflow_id: "b2c3d4e5-f6a7-8901-bcde-f12345678901"
        event_type: "ticket.created"
        input_mapping:
          ticket_id: "$.id"

forms.yaml

Declares forms with their access control:

forms:
  Create User:
    id: "b8c9d0e1-f2a3-4567-1234-567890123457"
    path: "forms/b8c9d0e1-f2a3-4567-1234-567890123457.form.yaml"
    roles:
      - "c9d0e1f2-a3b4-5678-2345-678901234568"
    access_level: "role_based"

How Manifests Are Generated

Manifest files are regenerated automatically when:

• Entity CRUD — Creating, updating, or deleting any entity (workflow, form, integration, etc.)
• Git sync — Before committing changes to a connected repository
• Preflight checks — During on-demand validation via POST /api/maintenance/preflight

The generation process uses exclude_defaults=True to keep files concise — fields with default values are omitted.

Cross-Reference Validation

The platform validates manifest integrity by checking that:

• All organization_id references point to declared organizations
• All role references point to declared roles
• Integration config references point to declared integrations
• Event subscription workflow_id references point to declared workflows
• Table application_id references point to declared apps

Validation errors surface during preflight checks and Git sync.