Skip to content
Claude Code Internal Analysis

Models, providers, and auth

This page maps the authentication and provider-selection surfaces visible in the extracted cli.js.

Source anchors

Semantic aliasSourceApproximate locationString or symbolMeaning
SdkCredentialInitializercli.jsline ~43, byte 0x264c0ANTHROPIC_API_KEY, ANTHROPIC_AUTH_TOKENEmbedded SDK credential initialization path.
RuntimeApiKeyLookupcli.jsline ~407, byte 0x2c6284process.env.ANTHROPIC_API_KEYRuntime API-key lookup helper.
BearerTokenHeaderPathcli.jsline ~404, byte 0x2c0d1eANTHROPIC_AUTH_TOKENBearer-token authorization header path.
BedrockProviderGatecli.jsline ~253, byte 0x1ed452CLAUDE_CODE_USE_BEDROCKProvider classifier branch.
AnthropicAwsProviderGatecli.jsline ~253, byte 0x1ed4b6CLAUDE_CODE_USE_ANTHROPIC_AWSAnthropic AWS provider branch.
MantleProviderGatecli.jsline ~253, byte 0x1ed4f3CLAUDE_CODE_USE_MANTLEMantle provider branch.
VertexProviderGatecli.jsline ~253, byte 0x1ed523CLAUDE_CODE_USE_VERTEXVertex provider branch.
MainModelEnvOverridecli.jsline ~253, byte 0x20ed29ANTHROPIC_MODELModel selection environment variable.
SmallFastModelOverridecli.jsline ~253, byte 0x20eb73ANTHROPIC_SMALL_FAST_MODELSmall/fast model override.
ModelSelectionFlagcli.jsline ~19525, byte 0xdc18e4--model <model>Root model-selection flag.
FallbackModelFlagcli.jsline ~19525, byte 0xdc1b54--fallback-model <model>Print-mode fallback model flag.

Provider selection

The provider classifier visible around Dq() uses environment gates to choose a provider family. Confirmed strings include:

Provider familyHigh-signal env vars
First-party/defaultabsence of provider-specific gates; OAuth/API-key helpers still apply.
BedrockCLAUDE_CODE_USE_BEDROCK
VertexCLAUDE_CODE_USE_VERTEX
FoundryCLAUDE_CODE_USE_FOUNDRY
Anthropic AWSCLAUDE_CODE_USE_ANTHROPIC_AWS
MantleCLAUDE_CODE_USE_MANTLE

The bundle also contains region/base URL surfaces such as AWS_REGION, AWS_DEFAULT_REGION, CLOUD_ML_REGION, and ANTHROPIC_BASE_URL.

Credential sources

flowchart TD
    Env[Environment variables] --> Auth[Credential resolver]
    KeyHelper[apiKeyHelper / keychain helper] --> Auth
    OAuthFd[CLAUDE_CODE_OAUTH_TOKEN_FILE_DESCRIPTOR] --> Auth
    ApiFd[CLAUDE_CODE_API_KEY_FILE_DESCRIPTOR] --> Auth
    SessionToken[CLAUDE_CODE_SESSION_ACCESS_TOKEN] --> Remote[Remote/session auth]
    Auth --> Provider[Provider request]

Confirmed credential surfaces include:

  • ANTHROPIC_API_KEY
  • ANTHROPIC_AUTH_TOKEN
  • CLAUDE_CODE_OAUTH_TOKEN
  • CLAUDE_CODE_OAUTH_TOKEN_FILE_DESCRIPTOR
  • CLAUDE_CODE_API_KEY_FILE_DESCRIPTOR
  • apiKeyHelper
  • enterpriseGateway

Model and budget flags

SurfaceRuntime implication
--model <model>Selects a model alias or concrete model for the session.
ANTHROPIC_MODELEnvironment-level default model source.
ANTHROPIC_SMALL_FAST_MODELOverrides the small/fast model used by helper paths.
--fallback-model <model>Enables a print-mode fallback when the default model is overloaded.
--thinking, --thinking-display, --max-thinking-tokensControls thinking mode and legacy thinking-token budget.
--max-budget-usd, --task-budget, --max-turnsEnforces budget/turn constraints in headless or task-like paths.
--betas <betas...>Adds beta headers for API-key users.

For the detailed runtime model resolver, logical model roles, provider-call shape, retries, rate-limit events, usage accounting, quota probes, and billing/overage UI, see Model selection, calls, usage, quota, and billing.

Error and availability hints

The bundle contains model/provider error strings that point users toward --model or /model when a deployment lacks a requested model. This supports the interpretation that model choice is both a CLI flag and an interactive command surface.

Caveats

  • The bundled Anthropic SDK documentation strings include many API examples. This page only treats strings as runtime evidence when they connect to env-variable lookup, root flags, or provider classifier code.
  • Provider names and env gates are source-anchored for this build; behavior can change across package versions.

Created and maintained by Yingting Huang.