From 4388802dcb39ee23e3dd68c719a3ea160e11a009 Mon Sep 17 00:00:00 2001
From: Spherrrical <malikmusa1323@gmail.com>
Date: Wed, 6 May 2026 17:02:31 -0700
Subject: [PATCH 1/3] feat(plugin): add DigitalOcean OAuth + Inference Routers

Adds a built-in DigitalOcean plugin to the opencode package supporting
both OAuth (implicit flow) and Model Access Key authentication. After
OAuth, a Model Access Key is auto-created and the user's Inference
Routers are surfaced as router:<name> entries on the digitalocean
provider, refreshable on /connect.

Threads optional metadata through AuthHook results so plugins can
persist OAuth tokens and cached router lists alongside the API key.

Surfaces routers under a "DigitalOcean | Inference Routers" group in
both the TUI and web/desktop model pickers, sorted above base DO
models. Adds the DigitalOcean provider icon to the icon sprite.
---
 .../src/components/dialog-select-model.tsx    |  19 +-
 packages/opencode/src/cli/cmd/providers.ts    |   5 +-
 .../cli/cmd/tui/component/dialog-model.tsx    |  37 +-
 packages/opencode/src/plugin/digitalocean.ts  | 431 ++++++++++++++++++
 packages/opencode/src/plugin/index.ts         |   2 +
 packages/opencode/src/provider/auth.ts        |   1 +
 .../test/provider/digitalocean.test.ts        | 176 +++++++
 .../test/tool/fixtures/models-api.json        |  24 +
 packages/plugin/src/index.ts                  |   8 +-
 packages/sdk/js/src/gen/types.gen.ts          |   3 +
 .../assets/icons/provider/digitalocean.svg    |   6 +
 .../src/components/provider-icons/sprite.svg  |  14 +
 .../ui/src/components/provider-icons/types.ts |   1 +
 13 files changed, 704 insertions(+), 23 deletions(-)
 create mode 100644 packages/opencode/src/plugin/digitalocean.ts
 create mode 100644 packages/opencode/test/provider/digitalocean.test.ts
 create mode 100644 packages/ui/src/assets/icons/provider/digitalocean.svg

diff --git a/packages/app/src/components/dialog-select-model.tsx b/packages/app/src/components/dialog-select-model.tsx
index fdef866a79d9..526cfa59b3a6 100644
--- a/packages/app/src/components/dialog-select-model.tsx
+++ b/packages/app/src/components/dialog-select-model.tsx
@@ -45,13 +45,24 @@ const ModelList: Component<{
       current={model.current()}
       filterKeys={["provider.name", "name", "id"]}
       sortBy={(a, b) => a.name.localeCompare(b.name)}
-      groupBy={(x) => x.provider.name}
+      groupBy={(x) => {
+        const isDigitalOceanRouter = x.provider.id === "digitalocean" && x.id.startsWith("router:")
+        return isDigitalOceanRouter ? `${x.provider.name} | Inference Routers` : x.provider.name
+      }}
       sortGroupsBy={(a, b) => {
-        const aProvider = a.items[0].provider.id
-        const bProvider = b.items[0].provider.id
+        const aItem = a.items[0]
+        const bItem = b.items[0]
+        const aProvider = aItem.provider.id
+        const bProvider = bItem.provider.id
         if (popularProviders.includes(aProvider) && !popularProviders.includes(bProvider)) return -1
         if (!popularProviders.includes(aProvider) && popularProviders.includes(bProvider)) return 1
-        return popularProviders.indexOf(aProvider) - popularProviders.indexOf(bProvider)
+        const popularDelta = popularProviders.indexOf(aProvider) - popularProviders.indexOf(bProvider)
+        if (popularDelta !== 0) return popularDelta
+        const aIsRouterGroup = aProvider === "digitalocean" && aItem.id.startsWith("router:")
+        const bIsRouterGroup = bProvider === "digitalocean" && bItem.id.startsWith("router:")
+        if (aIsRouterGroup && !bIsRouterGroup) return -1
+        if (!aIsRouterGroup && bIsRouterGroup) return 1
+        return 0
       }}
       itemWrapper={(item, node) => (
         <Tooltip
diff --git a/packages/opencode/src/cli/cmd/providers.ts b/packages/opencode/src/cli/cmd/providers.ts
index 749139e2dcd6..426ea89fc56c 100644
--- a/packages/opencode/src/cli/cmd/providers.ts
+++ b/packages/opencode/src/cli/cmd/providers.ts
@@ -124,6 +124,7 @@ const handlePluginAuth = Effect.fn("Cli.providers.pluginAuth")(function* (
           yield* put(saveProvider, {
             type: "api",
             key: result.key,
+            ...(result.metadata ? { metadata: result.metadata } : {}),
           })
         }
         yield* spinner.stop("Login successful")
@@ -156,6 +157,7 @@ const handlePluginAuth = Effect.fn("Cli.providers.pluginAuth")(function* (
           yield* put(saveProvider, {
             type: "api",
             key: result.key,
+            ...(result.metadata ? { metadata: result.metadata } : {}),
           })
         }
         yield* Prompt.log.success("Login successful")
@@ -191,10 +193,11 @@ const handlePluginAuth = Effect.fn("Cli.providers.pluginAuth")(function* (
     }
     if (result.type === "success") {
       const saveProvider = result.provider ?? provider
+      const merged = { ...(metadata.metadata ?? {}), ...(result.metadata ?? {}) }
       yield* put(saveProvider, {
         type: "api",
         key: result.key ?? apiKey,
-        ...metadata,
+        ...(Object.keys(merged).length ? { metadata: merged } : {}),
       })
       yield* Prompt.log.success("Login successful")
     }
diff --git a/packages/opencode/src/cli/cmd/tui/component/dialog-model.tsx b/packages/opencode/src/cli/cmd/tui/component/dialog-model.tsx
index 06723f3c2bd3..df6766198c2e 100644
--- a/packages/opencode/src/cli/cmd/tui/component/dialog-model.tsx
+++ b/packages/opencode/src/cli/cmd/tui/component/dialog-model.tsx
@@ -35,12 +35,13 @@ export function DialogModel(props: { providerID?: string }) {
         if (!provider) return []
         const model = provider.models[item.modelID]
         if (!model) return []
+        const isDigitalOceanRouter = provider.id === "digitalocean" && model.id.startsWith("router:")
         return [
           {
             key: item,
             value: { providerID: provider.id, modelID: model.id },
             title: model.name ?? item.modelID,
-            description: provider.name,
+            description: isDigitalOceanRouter ? `${provider.name} Inference Router` : provider.name,
             category,
             disabled: provider.id === "opencode" && model.id.includes("-nano"),
             footer: model.cost?.input === 0 && provider.id === "opencode" ? "Free" : undefined,
@@ -72,19 +73,26 @@ export function DialogModel(props: { providerID?: string }) {
           entries(),
           filter(([_, info]) => info.status !== "deprecated"),
           filter(([_, info]) => (props.providerID ? info.providerID === props.providerID : true)),
-          map(([model, info]) => ({
-            value: { providerID: provider.id, modelID: model },
-            title: info.name ?? model,
-            description: favorites.some((item) => item.providerID === provider.id && item.modelID === model)
-              ? "(Favorite)"
-              : undefined,
-            category: connected() ? provider.name : undefined,
-            disabled: provider.id === "opencode" && model.includes("-nano"),
-            footer: info.cost?.input === 0 && provider.id === "opencode" ? "Free" : undefined,
-            onSelect() {
-              onSelect(provider.id, model)
-            },
-          })),
+          map(([model, info]) => {
+            const isDigitalOceanRouter = provider.id === "digitalocean" && model.startsWith("router:")
+            return {
+              value: { providerID: provider.id, modelID: model },
+              title: info.name ?? model,
+              description: favorites.some((item) => item.providerID === provider.id && item.modelID === model)
+                ? "(Favorite)"
+                : undefined,
+              category: connected()
+                ? isDigitalOceanRouter
+                  ? `${provider.name} | Inference Routers`
+                  : provider.name
+                : undefined,
+              disabled: provider.id === "opencode" && model.includes("-nano"),
+              footer: info.cost?.input === 0 && provider.id === "opencode" ? "Free" : undefined,
+              onSelect() {
+                onSelect(provider.id, model)
+              },
+            }
+          }),
           filter((x) => {
             if (!showSections) return true
             if (favorites.some((item) => item.providerID === x.value.providerID && item.modelID === x.value.modelID))
@@ -95,6 +103,7 @@ export function DialogModel(props: { providerID?: string }) {
           }),
           sortBy(
             (x) => x.footer !== "Free",
+            (x) => (x.category?.includes("Inference Routers") ? 0 : 1),
             (x) => x.title,
           ),
         ),
diff --git a/packages/opencode/src/plugin/digitalocean.ts b/packages/opencode/src/plugin/digitalocean.ts
new file mode 100644
index 000000000000..2e36064139ea
--- /dev/null
+++ b/packages/opencode/src/plugin/digitalocean.ts
@@ -0,0 +1,431 @@
+import type { Hooks, PluginInput } from "@opencode-ai/plugin"
+import type { Model } from "@opencode-ai/sdk/v2"
+import * as Log from "@opencode-ai/core/util/log"
+import { InstallationVersion } from "@opencode-ai/core/installation/version"
+import { createServer } from "http"
+
+const log = Log.create({ service: "plugin.digitalocean" })
+
+const DO_OAUTH_CLIENT_ID = "b1a6c5158156caac821fd1b30253ca8acb52454a48fa744420e41889cb589f82"
+const DO_AUTHORIZE_URL = "https://cloud.digitalocean.com/v1/oauth/authorize"
+const DO_API_BASE = "https://api.digitalocean.com"
+const DO_INFERENCE_BASE = "https://inference.do-ai.run/v1"
+const OAUTH_PORT = 1456
+const OAUTH_REDIRECT_PATH = "/auth/callback"
+const OAUTH_TOKEN_PATH = "/auth/token"
+const ROUTER_REFRESH_INTERVAL_MS = 5 * 60 * 1000
+const MAK_NAME_PREFIX = "opencode-oauth"
+
+interface ImplicitTokenPayload {
+  access_token: string
+  expires_in: number
+  state: string
+}
+
+interface PendingOAuth {
+  state: string
+  resolve: (tokens: ImplicitTokenPayload) => void
+  reject: (error: Error) => void
+}
+
+interface ApiKeyInfo {
+  uuid: string
+  name: string
+  secret_key: string
+}
+
+interface RouterEntry {
+  name: string
+  uuid?: string
+  description?: string
+}
+
+let oauthServer: ReturnType<typeof createServer> | undefined
+let pendingOAuth: PendingOAuth | undefined
+
+function generateState(): string {
+  const bytes = crypto.getRandomValues(new Uint8Array(32))
+  return Array.from(bytes)
+    .map((b) => b.toString(16).padStart(2, "0"))
+    .join("")
+}
+
+function redirectUri(): string {
+  return `http://localhost:${OAUTH_PORT}${OAUTH_REDIRECT_PATH}`
+}
+
+function buildAuthorizeUrl(state: string): string {
+  const params = new URLSearchParams({
+    response_type: "token",
+    client_id: DO_OAUTH_CLIENT_ID,
+    redirect_uri: redirectUri(),
+    scope: "read write",
+    state,
+  })
+  return `${DO_AUTHORIZE_URL}?${params.toString()}`
+}
+
+const HTML_CALLBACK = `<!doctype html>
+<html>
+  <head>
+    <meta charset="utf-8" />
+    <title>OpenCode - DigitalOcean Authorization</title>
+    <style>
+      body { font-family: system-ui, -apple-system, sans-serif; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background: #0b1220; color: #e8eef9; }
+      .container { text-align: center; padding: 2rem; max-width: 32rem; }
+      h1 { color: #e8eef9; margin-bottom: 1rem; }
+      p { color: #9aa9c0; }
+      .error { color: #ff917b; font-family: monospace; margin-top: 1rem; padding: 1rem; background: #3c140d; border-radius: 0.5rem; }
+    </style>
+  </head>
+  <body>
+    <div class="container">
+      <h1 id="title">Finishing sign-in...</h1>
+      <p id="msg">You can close this window once it says you're signed in.</p>
+    </div>
+    <script>
+      (async function() {
+        function parseHash(hash) {
+          if (!hash || hash.length < 2) return {}
+          const out = {}
+          for (const part of hash.slice(1).split("&")) {
+            const [k, v] = part.split("=")
+            if (!k) continue
+            out[decodeURIComponent(k)] = v == null ? "" : decodeURIComponent(v)
+          }
+          return out
+        }
+        const params = parseHash(window.location.hash)
+        const search = new URLSearchParams(window.location.search)
+        const error = params.error || search.get("error")
+        const errorDescription = params.error_description || search.get("error_description")
+        const titleEl = document.getElementById("title")
+        const msgEl = document.getElementById("msg")
+        try {
+          const body = error
+            ? { error, error_description: errorDescription || "" }
+            : { access_token: params.access_token || "", expires_in: params.expires_in || "0", state: params.state || "" }
+          await fetch(${JSON.stringify(OAUTH_TOKEN_PATH)}, {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify(body),
+          })
+          if (error) {
+            titleEl.textContent = "Authorization Failed"
+            msgEl.textContent = errorDescription || error
+            msgEl.className = "error"
+            return
+          }
+          titleEl.textContent = "Authorization Successful"
+          msgEl.textContent = "You can close this window and return to OpenCode."
+          setTimeout(function () { window.close() }, 2000)
+        } catch (e) {
+          titleEl.textContent = "Authorization Failed"
+          msgEl.textContent = String(e && e.message ? e.message : e)
+          msgEl.className = "error"
+        }
+      })()
+    </script>
+  </body>
+</html>`
+
+async function startOAuthServer(): Promise<void> {
+  if (oauthServer) return
+  oauthServer = createServer((req, res) => {
+    const url = new URL(req.url || "/", `http://localhost:${OAUTH_PORT}`)
+
+    if (req.method === "GET" && url.pathname === OAUTH_REDIRECT_PATH) {
+      res.writeHead(200, { "Content-Type": "text/html" })
+      res.end(HTML_CALLBACK)
+      return
+    }
+
+    if (req.method === "POST" && url.pathname === OAUTH_TOKEN_PATH) {
+      const chunks: Buffer[] = []
+      req.on("data", (chunk: Buffer) => chunks.push(chunk))
+      req.on("end", () => {
+        const raw = Buffer.concat(chunks).toString("utf8")
+        let body: Record<string, string> = {}
+        try {
+          body = raw ? JSON.parse(raw) : {}
+        } catch {
+          body = {}
+        }
+        if (!pendingOAuth) {
+          res.writeHead(409, { "Content-Type": "application/json" })
+          res.end(JSON.stringify({ error: "no_pending_oauth" }))
+          return
+        }
+        if (body.error) {
+          const message = body.error_description || body.error || "OAuth error"
+          pendingOAuth.reject(new Error(String(message)))
+          pendingOAuth = undefined
+          res.writeHead(200, { "Content-Type": "application/json" })
+          res.end(JSON.stringify({ ok: true }))
+          return
+        }
+        if (!body.access_token) {
+          pendingOAuth.reject(new Error("Missing access_token in callback"))
+          pendingOAuth = undefined
+          res.writeHead(400, { "Content-Type": "application/json" })
+          res.end(JSON.stringify({ error: "missing_access_token" }))
+          return
+        }
+        if (body.state !== pendingOAuth.state) {
+          pendingOAuth.reject(new Error("Invalid state - potential CSRF attack"))
+          pendingOAuth = undefined
+          res.writeHead(400, { "Content-Type": "application/json" })
+          res.end(JSON.stringify({ error: "invalid_state" }))
+          return
+        }
+        const expires = parseInt(body.expires_in || "0", 10)
+        pendingOAuth.resolve({
+          access_token: body.access_token,
+          expires_in: Number.isFinite(expires) && expires > 0 ? expires : 60 * 60 * 24 * 30,
+          state: body.state,
+        })
+        pendingOAuth = undefined
+        res.writeHead(200, { "Content-Type": "application/json" })
+        res.end(JSON.stringify({ ok: true }))
+      })
+      return
+    }
+
+    res.writeHead(404)
+    res.end("Not found")
+  })
+
+  await new Promise<void>((resolve, reject) => {
+    oauthServer!.listen(OAUTH_PORT, () => {
+      log.info("digitalocean oauth server started", { port: OAUTH_PORT })
+      resolve()
+    })
+    oauthServer!.on("error", reject)
+  })
+}
+
+function stopOAuthServer() {
+  if (!oauthServer) return
+  oauthServer.close(() => log.info("digitalocean oauth server stopped"))
+  oauthServer = undefined
+}
+
+function waitForOAuthCallback(state: string): Promise<ImplicitTokenPayload> {
+  return new Promise((resolve, reject) => {
+    const timeout = setTimeout(
+      () => {
+        if (pendingOAuth) {
+          pendingOAuth = undefined
+          reject(new Error("OAuth callback timeout - authorization took too long"))
+        }
+      },
+      5 * 60 * 1000,
+    )
+    pendingOAuth = {
+      state,
+      resolve: (tokens) => {
+        clearTimeout(timeout)
+        resolve(tokens)
+      },
+      reject: (error) => {
+        clearTimeout(timeout)
+        reject(error)
+      },
+    }
+  })
+}
+
+async function createModelAccessKey(bearer: string): Promise<ApiKeyInfo> {
+  // Suffix-on-collision strategy keeps re-`/connect` non-destructive.
+  const name = `${MAK_NAME_PREFIX}-${Math.floor(Date.now() / 1000)}`
+  const res = await fetch(`${DO_API_BASE}/v2/gen-ai/models/api_keys`, {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${bearer}`,
+      "Content-Type": "application/json",
+      "User-Agent": `opencode/${InstallationVersion}`,
+    },
+    body: JSON.stringify({ name }),
+  })
+  if (!res.ok) {
+    const body = await res.text().catch(() => "")
+    throw new Error(`Failed to create Model Access Key (${res.status}): ${body}`)
+  }
+  const data = (await res.json()) as { api_key_info?: ApiKeyInfo }
+  if (!data.api_key_info?.secret_key) throw new Error("Model Access Key response missing secret_key")
+  return data.api_key_info
+}
+
+async function listRouters(bearer: string): Promise<{ ok: true; routers: RouterEntry[] } | { ok: false; status: number }> {
+  const res = await fetch(`${DO_API_BASE}/v2/gen-ai/models/routers`, {
+    headers: {
+      Authorization: `Bearer ${bearer}`,
+      Accept: "application/json",
+      "User-Agent": `opencode/${InstallationVersion}`,
+    },
+    signal: AbortSignal.timeout(10_000),
+  }).catch(() => undefined)
+  if (!res) return { ok: false, status: 0 }
+  if (!res.ok) return { ok: false, status: res.status }
+  const body = (await res.json().catch(() => undefined)) as { model_routers?: RouterEntry[] } | undefined
+  return { ok: true, routers: body?.model_routers ?? [] }
+}
+
+function routerModel(router: RouterEntry, providerID: string): Model {
+  const id = `router:${router.name}`
+  return {
+    id,
+    providerID,
+    name: router.name,
+    family: "digitalocean-inference-routers",
+    api: { id, url: DO_INFERENCE_BASE, npm: "@ai-sdk/openai-compatible" },
+    status: "active",
+    headers: {},
+    options: {},
+    cost: { input: 0, output: 0, cache: { read: 0, write: 0 } },
+    limit: { context: 128_000, output: 8_192 },
+    capabilities: {
+      temperature: true,
+      reasoning: false,
+      attachment: false,
+      toolcall: true,
+      input: { text: true, audio: false, image: false, video: false, pdf: false },
+      output: { text: true, audio: false, image: false, video: false, pdf: false },
+      interleaved: false,
+    },
+    release_date: "",
+    variants: {},
+  }
+}
+
+function parseRoutersJSON(raw: string | undefined): RouterEntry[] {
+  if (!raw) return []
+  try {
+    const parsed = JSON.parse(raw)
+    if (!Array.isArray(parsed)) return []
+    return parsed.flatMap((r) => (r && typeof r.name === "string" ? [{ name: r.name, uuid: r.uuid, description: r.description }] : []))
+  } catch {
+    return []
+  }
+}
+
+export async function DigitalOceanAuthPlugin(input: PluginInput): Promise<Hooks> {
+  return {
+    provider: {
+      id: "digitalocean",
+      async models(provider, ctx) {
+        const baseModels = provider.models
+        if (ctx.auth?.type !== "api") return baseModels
+
+        const metadata = ctx.auth.metadata ?? {}
+        const oauthAccess = metadata["oauth_access"]
+        const oauthExpires = parseInt(metadata["oauth_expires"] || "0", 10)
+        const fetchedAt = parseInt(metadata["routers_fetched_at"] || "0", 10)
+        const cached = parseRoutersJSON(metadata["routers"])
+
+        let routers = cached
+        const stale = Date.now() - fetchedAt > ROUTER_REFRESH_INTERVAL_MS
+        const bearerValid = oauthAccess && oauthExpires > Date.now()
+
+        if (bearerValid && stale) {
+          const result = await listRouters(oauthAccess)
+          if (result.ok) {
+            routers = result.routers
+            const updated: Record<string, string> = {
+              ...metadata,
+              routers: JSON.stringify(routers.map((r) => ({ name: r.name, uuid: r.uuid, description: r.description }))),
+              routers_fetched_at: String(Date.now()),
+            }
+            await input.client.auth
+              .set({
+                path: { id: "digitalocean" },
+                body: { type: "api", key: ctx.auth.key, metadata: updated },
+              })
+              .catch((err) => log.warn("failed to persist refreshed routers", { error: err }))
+          } else if (result.status === 401 || result.status === 403) {
+            log.warn("digitalocean oauth bearer rejected; using cached routers", { status: result.status })
+          } else if (result.status !== 0) {
+            log.warn("digitalocean router refresh failed", { status: result.status })
+          }
+        }
+
+        const merged: Record<string, Model> = { ...baseModels }
+        for (const router of routers) {
+          const id = `router:${router.name}`
+          if (merged[id]) continue
+          merged[id] = routerModel(router, "digitalocean")
+        }
+        return merged
+      },
+    },
+    auth: {
+      provider: "digitalocean",
+      methods: [
+        {
+          type: "oauth",
+          label: "Login with DigitalOcean",
+          async authorize() {
+            await startOAuthServer()
+            const state = generateState()
+            const callbackPromise = waitForOAuthCallback(state)
+            return {
+              url: buildAuthorizeUrl(state),
+              instructions:
+                "Sign in to DigitalOcean in your browser. OpenCode will create a Model Access Key named opencode-oauth-* and load your Inference Routers. Re-run /connect to refresh routers later.",
+              method: "auto" as const,
+              async callback() {
+                try {
+                  const tokens = await callbackPromise
+                  const apiKeyInfo = await createModelAccessKey(tokens.access_token)
+                  const routerResult = await listRouters(tokens.access_token)
+                  const routers = routerResult.ok ? routerResult.routers : []
+                  if (!routerResult.ok) {
+                    log.warn("digitalocean initial router fetch failed", { status: routerResult.status })
+                  }
+                  return {
+                    type: "success" as const,
+                    provider: "digitalocean",
+                    key: apiKeyInfo.secret_key,
+                    metadata: {
+                      mak_uuid: apiKeyInfo.uuid,
+                      mak_name: apiKeyInfo.name,
+                      oauth_access: tokens.access_token,
+                      oauth_expires: String(Date.now() + tokens.expires_in * 1000),
+                      routers: JSON.stringify(
+                        routers.map((r) => ({ name: r.name, uuid: r.uuid, description: r.description })),
+                      ),
+                      routers_fetched_at: String(Date.now()),
+                    },
+                  }
+                } catch (err) {
+                  log.error("digitalocean oauth callback failed", { error: err })
+                  return { type: "failed" as const }
+                } finally {
+                  stopOAuthServer()
+                }
+              },
+            }
+          },
+        },
+        {
+          type: "api",
+          label: "Paste Model Access Key",
+          prompts: [
+            {
+              type: "text",
+              key: "key",
+              message: "Enter your DigitalOcean Model Access Key",
+              placeholder: "sk_do_...",
+              validate: (value) => (value && value.length > 0 ? undefined : "Required"),
+            },
+          ],
+          async authorize(inputs = {}) {
+            const key = inputs["key"]
+            if (!key) return { type: "failed" as const }
+            return { type: "success" as const, provider: "digitalocean", key }
+          },
+        },
+      ],
+    },
+  }
+}
diff --git a/packages/opencode/src/plugin/index.ts b/packages/opencode/src/plugin/index.ts
index 7a7f260df897..68d47916cc38 100644
--- a/packages/opencode/src/plugin/index.ts
+++ b/packages/opencode/src/plugin/index.ts
@@ -19,6 +19,7 @@ import { gitlabAuthPlugin as GitlabAuthPlugin } from "opencode-gitlab-auth"
 import { PoeAuthPlugin } from "opencode-poe-auth"
 import { CloudflareAIGatewayAuthPlugin, CloudflareWorkersAuthPlugin } from "./cloudflare"
 import { AzureAuthPlugin } from "./azure"
+import { DigitalOceanAuthPlugin } from "./digitalocean"
 import { Effect, Layer, Context, Stream } from "effect"
 import { EffectBridge } from "@/effect/bridge"
 import { InstanceState } from "@/effect/instance-state"
@@ -64,6 +65,7 @@ const INTERNAL_PLUGINS: PluginInstance[] = [
   CloudflareWorkersAuthPlugin,
   CloudflareAIGatewayAuthPlugin,
   AzureAuthPlugin,
+  DigitalOceanAuthPlugin,
 ]
 
 function isServerPlugin(value: unknown): value is PluginInstance {
diff --git a/packages/opencode/src/provider/auth.ts b/packages/opencode/src/provider/auth.ts
index 9b2ca33c3192..3f88cb661383 100644
--- a/packages/opencode/src/provider/auth.ts
+++ b/packages/opencode/src/provider/auth.ts
@@ -202,6 +202,7 @@ export const layer: Layer.Layer<Service, never, Auth.Service | Plugin.Service> =
         yield* auth.set(input.providerID, {
           type: "api",
           key: result.key,
+          ...(result.metadata ? { metadata: result.metadata } : {}),
         })
       }
 
diff --git a/packages/opencode/test/provider/digitalocean.test.ts b/packages/opencode/test/provider/digitalocean.test.ts
new file mode 100644
index 000000000000..6fea1f846dc9
--- /dev/null
+++ b/packages/opencode/test/provider/digitalocean.test.ts
@@ -0,0 +1,176 @@
+import { test, expect, afterEach } from "bun:test"
+import path from "path"
+
+import { tmpdir } from "../fixture/fixture"
+import { WithInstance } from "../../src/project/with-instance"
+import { Provider } from "../../src/provider/provider"
+import { ProviderID } from "../../src/provider/schema"
+import { Env } from "../../src/env"
+import { Effect } from "effect"
+import { AppRuntime } from "../../src/effect/app-runtime"
+import { makeRuntime } from "../../src/effect/run-service"
+
+const envRuntime = makeRuntime(Env.Service, Env.defaultLayer)
+const set = (k: string, v: string) => envRuntime.runSync((svc) => svc.set(k, v))
+
+async function list() {
+  return AppRuntime.runPromise(
+    Effect.gen(function* () {
+      const provider = yield* Provider.Service
+      return yield* provider.list()
+    }),
+  )
+}
+
+const DIGITALOCEAN = ProviderID.make("digitalocean")
+
+const originalFetch = globalThis.fetch
+const originalAuthContent = process.env.OPENCODE_AUTH_CONTENT
+afterEach(() => {
+  globalThis.fetch = originalFetch
+  if (originalAuthContent === undefined) delete process.env.OPENCODE_AUTH_CONTENT
+  else process.env.OPENCODE_AUTH_CONTENT = originalAuthContent
+})
+
+function injectAuth(metadata: Record<string, string> | undefined) {
+  process.env.OPENCODE_AUTH_CONTENT = JSON.stringify({
+    digitalocean: {
+      type: "api",
+      key: "sk_do_test",
+      ...(metadata ? { metadata } : {}),
+    },
+  })
+}
+
+test("digitalocean provider autoloads from DIGITALOCEAN_ACCESS_TOKEN", async () => {
+  await using tmp = await tmpdir({
+    init: async (dir) => {
+      await Bun.write(
+        path.join(dir, "opencode.json"),
+        JSON.stringify({ $schema: "https://opencode.ai/config.json" }),
+      )
+    },
+  })
+  await WithInstance.provide({
+    directory: tmp.path,
+    fn: async () => {
+      set("DIGITALOCEAN_ACCESS_TOKEN", "test-token")
+      const providers = await list()
+      expect(providers[DIGITALOCEAN]).toBeDefined()
+      expect(providers[DIGITALOCEAN].source).toBe("env")
+      const baseModel = Object.values(providers[DIGITALOCEAN].models)[0]
+      expect(baseModel.api.url).toBe("https://inference.do-ai.run/v1")
+      expect(baseModel.api.npm).toBe("@ai-sdk/openai-compatible")
+      const routerEntries = Object.keys(providers[DIGITALOCEAN].models).filter((id) => id.startsWith("router:"))
+      expect(routerEntries.length).toBe(0)
+    },
+  })
+})
+
+test("digitalocean provider.models surfaces cached routers from auth metadata", async () => {
+  await using tmp = await tmpdir({
+    init: async (dir) => {
+      await Bun.write(
+        path.join(dir, "opencode.json"),
+        JSON.stringify({ $schema: "https://opencode.ai/config.json" }),
+      )
+    },
+  })
+  let routerFetches = 0
+  globalThis.fetch = (async (input: any, init?: any) => {
+    const url = typeof input === "string" ? input : input instanceof URL ? input.toString() : input.url
+    if (url.includes("/v2/gen-ai/models/routers")) {
+      routerFetches++
+      throw new Error("router endpoint should not be called when cache is fresh")
+    }
+    return originalFetch(input, init)
+  }) as typeof fetch
+  injectAuth({
+    routers: JSON.stringify([
+      { name: "my-router", uuid: "11f1499a-aaaa-bbbb-cccc-4e013e2ddde4" },
+      { name: "other-router", uuid: "22f1499a-aaaa-bbbb-cccc-4e013e2ddde4" },
+    ]),
+    routers_fetched_at: String(Date.now()),
+    oauth_access: "doo_v1_test",
+    oauth_expires: String(Date.now() + 60 * 60 * 1000),
+  })
+  await WithInstance.provide({
+    directory: tmp.path,
+    fn: async () => {
+      const providers = await list()
+      const models = providers[DIGITALOCEAN].models
+      expect(models["router:my-router"]).toBeDefined()
+      expect(models["router:my-router"].api.id).toBe("router:my-router")
+      expect(models["router:my-router"].api.url).toBe("https://inference.do-ai.run/v1")
+      expect(models["router:my-router"].api.npm).toBe("@ai-sdk/openai-compatible")
+      expect(models["router:other-router"]).toBeDefined()
+      expect(routerFetches).toBe(0)
+    },
+  })
+})
+
+test("digitalocean provider.models skips refresh when oauth bearer is expired", async () => {
+  await using tmp = await tmpdir({
+    init: async (dir) => {
+      await Bun.write(
+        path.join(dir, "opencode.json"),
+        JSON.stringify({ $schema: "https://opencode.ai/config.json" }),
+      )
+    },
+  })
+  let routerFetches = 0
+  globalThis.fetch = (async (input: any, init?: any) => {
+    const url = typeof input === "string" ? input : input instanceof URL ? input.toString() : input.url
+    if (url.includes("/v2/gen-ai/models/routers")) {
+      routerFetches++
+      return new Response(JSON.stringify({ model_routers: [] }), { status: 200 })
+    }
+    return originalFetch(input, init)
+  }) as typeof fetch
+  injectAuth({
+    routers: JSON.stringify([{ name: "stale-router", uuid: "stale" }]),
+    routers_fetched_at: "0",
+    oauth_access: "doo_v1_expired",
+    oauth_expires: "1",
+  })
+  await WithInstance.provide({
+    directory: tmp.path,
+    fn: async () => {
+      const providers = await list()
+      const models = providers[DIGITALOCEAN].models
+      expect(models["router:stale-router"]).toBeDefined()
+      expect(routerFetches).toBe(0)
+    },
+  })
+})
+
+test("digitalocean provider.models passes through base models when no auth metadata", async () => {
+  await using tmp = await tmpdir({
+    init: async (dir) => {
+      await Bun.write(
+        path.join(dir, "opencode.json"),
+        JSON.stringify({ $schema: "https://opencode.ai/config.json" }),
+      )
+    },
+  })
+  let routerFetches = 0
+  globalThis.fetch = (async (input: any, init?: any) => {
+    const url = typeof input === "string" ? input : input instanceof URL ? input.toString() : input.url
+    if (url.includes("/v2/gen-ai/models/")) {
+      routerFetches++
+      throw new Error("DO management API should not be called without metadata")
+    }
+    return originalFetch(input, init)
+  }) as typeof fetch
+  await WithInstance.provide({
+    directory: tmp.path,
+    fn: async () => {
+      set("DIGITALOCEAN_ACCESS_TOKEN", "test-token")
+      const providers = await list()
+      const models = providers[DIGITALOCEAN].models
+      expect(Object.keys(models).length).toBeGreaterThan(0)
+      expect(Object.keys(models).filter((id) => id.startsWith("router:")).length).toBe(0)
+      expect(routerFetches).toBe(0)
+    },
+  })
+})
diff --git a/packages/opencode/test/tool/fixtures/models-api.json b/packages/opencode/test/tool/fixtures/models-api.json
index 5a3eb7e8010e..7ced5ca5d3f4 100644
--- a/packages/opencode/test/tool/fixtures/models-api.json
+++ b/packages/opencode/test/tool/fixtures/models-api.json
@@ -1,4 +1,28 @@
 {
+  "digitalocean": {
+    "id": "digitalocean",
+    "env": ["DIGITALOCEAN_ACCESS_TOKEN"],
+    "npm": "@ai-sdk/openai-compatible",
+    "api": "https://inference.do-ai.run/v1",
+    "name": "DigitalOcean",
+    "doc": "https://docs.digitalocean.com/products/genai-platform/",
+    "models": {
+      "openai-gpt-oss-120b": {
+        "id": "openai-gpt-oss-120b",
+        "name": "GPT OSS 120B",
+        "attachment": false,
+        "reasoning": false,
+        "tool_call": true,
+        "temperature": true,
+        "release_date": "2025-08-05",
+        "last_updated": "2025-08-05",
+        "modalities": { "input": ["text"], "output": ["text"] },
+        "open_weights": false,
+        "cost": { "input": 0.35, "output": 0.75 },
+        "limit": { "context": 128000, "output": 16384 }
+      }
+    }
+  },
   "ollama-cloud": {
     "id": "ollama-cloud",
     "env": ["OLLAMA_API_KEY"],
diff --git a/packages/plugin/src/index.ts b/packages/plugin/src/index.ts
index 2e96dd980179..6156477be216 100644
--- a/packages/plugin/src/index.ts
+++ b/packages/plugin/src/index.ts
@@ -8,10 +8,9 @@ import type {
   UserMessage,
   Message,
   Part,
-  Auth,
   Config as SDKConfig,
 } from "@opencode-ai/sdk"
-import type { Provider as ProviderV2, Model as ModelV2 } from "@opencode-ai/sdk/v2"
+import type { Provider as ProviderV2, Model as ModelV2, Auth } from "@opencode-ai/sdk/v2"
 
 import type { BunShell } from "./shell.js"
 import { type ToolDefinition } from "./tool.js"
@@ -153,6 +152,7 @@ export type AuthHook = {
               type: "success"
               key: string
               provider?: string
+              metadata?: Record<string, string>
             }
           | {
               type: "failed"
@@ -177,7 +177,7 @@ export type AuthOAuthResult = { url: string; instructions: string } & (
                 accountId?: string
                 enterpriseUrl?: string
               }
-            | { key: string }
+            | { key: string; metadata?: Record<string, string> }
           ))
         | {
             type: "failed"
@@ -198,7 +198,7 @@ export type AuthOAuthResult = { url: string; instructions: string } & (
                 accountId?: string
                 enterpriseUrl?: string
               }
-            | { key: string }
+            | { key: string; metadata?: Record<string, string> }
           ))
         | {
             type: "failed"
diff --git a/packages/sdk/js/src/gen/types.gen.ts b/packages/sdk/js/src/gen/types.gen.ts
index 8eefe5bfe985..af41a55765c4 100644
--- a/packages/sdk/js/src/gen/types.gen.ts
+++ b/packages/sdk/js/src/gen/types.gen.ts
@@ -1666,6 +1666,9 @@ export type OAuth = {
 export type ApiAuth = {
   type: "api"
   key: string
+  metadata?: {
+    [key: string]: string
+  }
 }
 
 export type WellKnownAuth = {
diff --git a/packages/ui/src/assets/icons/provider/digitalocean.svg b/packages/ui/src/assets/icons/provider/digitalocean.svg
new file mode 100644
index 000000000000..5be390b9d348
--- /dev/null
+++ b/packages/ui/src/assets/icons/provider/digitalocean.svg
@@ -0,0 +1,6 @@
+<svg width="24" height="24" viewBox="-14 -14 100.8 100.8" xmlns="http://www.w3.org/2000/svg" fill="currentColor">
+  <polygon fill-rule="evenodd" points="36.4 58.7 22.4 58.7 22.4 44.6 22.4 44.6 36.4 44.6 36.4 44.6 36.4 58.7"/>
+  <polygon fill-rule="evenodd" points="22.4 69.5 11.6 69.5 11.6 69.5 11.6 58.7 22.4 58.7 22.4 69.5"/>
+  <polygon fill-rule="evenodd" points="11.6 58.7 2.5 58.7 2.5 58.7 2.5 49.6 2.5 49.6 11.5 49.6 11.6 49.6 11.6 58.7"/>
+  <path d="M36.4,0C16.3,0,0,16.3,0,36.4h14.1c0-12.3,10-22.3,22.3-22.3s22.3,10,22.3,22.3-10,22.3-22.3,22.3h0v14.1h0c20.1,0,36.4-16.3,36.4-36.4S56.5,0,36.4,0Z"/>
+</svg>
diff --git a/packages/ui/src/components/provider-icons/sprite.svg b/packages/ui/src/components/provider-icons/sprite.svg
index a0214b40d0a3..68b99ce56d4a 100644
--- a/packages/ui/src/components/provider-icons/sprite.svg
+++ b/packages/ui/src/components/provider-icons/sprite.svg
@@ -854,6 +854,20 @@
         d="M79.01 5.863c-4.066 0-6.511 2.92-6.511 6.535 0 3.635 2.445 6.555 6.511 6.555 4.046 0 6.512-2.92 6.512-6.555s-2.466-6.535-6.512-6.535Zm0 10.968c-2.633 0-4.172-1.933-4.172-4.433s1.539-4.455 4.172-4.455c2.635 0 4.151 1.933 4.151 4.434 0 2.521-1.516 4.454-4.15 4.454Zm14.393 2.096c3.393 0 5.542-1.808 5.837-4.539h-2.36c-.316 1.555-1.517 2.437-3.477 2.437-2.423 0-3.878-1.68-3.878-4.433 0-2.774 1.476-4.434 3.878-4.434 1.96 0 3.14.862 3.477 2.5h2.36c-.295-2.773-2.444-4.622-5.837-4.622-3.856 0-6.217 2.669-6.217 6.535 0 3.887 2.36 6.556 6.217 6.556Zm-29.543-.311h2.36v-6.01c0-2.752 1.348-4.244 3.772-4.244h2.276V6.177h-2.255c-2.128 0-3.288.735-3.898 2.605l-.443-.063.527-2.542h-2.36v12.439h.02Zm-24.445-7.332c.106-2.101 1.517-3.53 3.793-3.53 2.276 0 3.646 1.345 3.646 3.53h-7.439Zm9.778.4c0-3.426-2.381-5.821-5.943-5.821-3.73 0-6.174 2.563-6.174 6.535 0 4.013 2.423 6.555 6.28 6.555 2.929 0 5.247-1.597 5.669-3.887h-2.36c-.507 1.156-1.666 1.828-3.31 1.828-2.38 0-3.877-1.408-3.94-3.803h9.694c.042-.588.084-.861.084-1.408Zm5.69 6.932h1.939l5.5-12.44h-2.529L56 15.99l-.316.021-3.793-9.833h-2.508l5.5 12.439ZM32.23 12.35c0-.882-.359-1.701-.99-2.437a8.594 8.594 0 0 1-1.497 1.093c.337.42.527.861.527 1.345 0 2.731-5.837 4.811-14.14 4.811-8.281.021-14.118-2.059-14.118-4.811 0-.463.168-.925.505-1.345a8.13 8.13 0 0 1-1.475-1.093c-.632.736-.99 1.555-.99 2.438 0 4.034 7.207 6.534 16.1 6.534 8.87.021 16.078-2.5 16.078-6.535Zm-3.351 1.534c-.906-.462-1.96-.861-3.16-1.197-1.37.378-2.909.672-4.553.861 2.318.294 4.341.778 5.9 1.408.76-.336 1.37-.693 1.813-1.072Zm-17.849-.357a31.902 31.902 0 0 1-4.467-.84c-1.18.336-2.255.735-3.16 1.197.42.379 1.01.715 1.748 1.05 1.539-.63 3.52-1.113 5.88-1.407Zm21.2-6.808c0-4.013-7.207-6.534-16.079-6.534C7.26.185.051 2.706.051 6.719c0 4.035 7.208 6.535 16.1 6.535 8.872.021 16.079-2.5 16.079-6.535Zm-1.94 0c0 2.732-5.836 4.812-14.139 4.812-8.302.021-14.14-2.06-14.14-4.812 0-2.731 5.838-4.811 14.14-4.811 7.86 0 14.14 2.08 14.14 4.811Zm-3.223 2.564c.758-.336 1.37-.694 1.812-1.072-2.95-1.513-7.544-2.353-12.728-2.353s-9.799.84-12.728 2.353c.422.378 1.012.715 1.75 1.05 2.507-1.05 6.363-1.68 10.978-1.68 4.404 0 8.324.651 10.916 1.702ZM1.042 15.628c-.632.736-.99 1.534-.99 2.438 0 4.034 7.207 6.534 16.1 6.534 8.892 0 16.099-2.521 16.099-6.534 0-.883-.359-1.702-.99-2.438-.422.4-.907.757-1.497 1.093.337.42.527.861.527 1.345 0 2.731-5.837 4.811-14.14 4.811-8.302 0-14.14-2.08-14.14-4.811 0-.463.17-.925.506-1.345a10.73 10.73 0 0 1-1.475-1.093Z"
       ></path>
     </symbol>
+    <symbol viewBox="-14 -14 100.8 100.8" fill="currentColor" id="digitalocean">
+      <polygon
+        fill-rule="evenodd"
+        points="36.4 58.7 22.4 58.7 22.4 44.6 22.4 44.6 36.4 44.6 36.4 44.6 36.4 58.7"
+      ></polygon>
+      <polygon fill-rule="evenodd" points="22.4 69.5 11.6 69.5 11.6 69.5 11.6 58.7 22.4 58.7 22.4 69.5"></polygon>
+      <polygon
+        fill-rule="evenodd"
+        points="11.6 58.7 2.5 58.7 2.5 58.7 2.5 49.6 2.5 49.6 11.5 49.6 11.6 49.6 11.6 58.7"
+      ></polygon>
+      <path
+        d="M36.4,0C16.3,0,0,16.3,0,36.4h14.1c0-12.3,10-22.3,22.3-22.3s22.3,10,22.3,22.3-10,22.3-22.3,22.3h0v14.1h0c20.1,0,36.4-16.3,36.4-36.4S56.5,0,36.4,0Z"
+      ></path>
+    </symbol>
     <symbol viewBox="0 0 40 40" id="deepseek">
       <path
         d="M35.6638 9.91965C35.3251 9.75432 35.1785 10.0703 34.9811 10.2316C34.9131 10.2836 34.8558 10.3516 34.7985 10.413C34.3025 10.9423 33.7238 11.289 32.9678 11.2476C31.8625 11.1863 30.9186 11.533 30.0839 12.3783C29.9066 11.3356 29.3173 10.7143 28.4213 10.3143C27.9519 10.1063 27.4773 9.89965 27.148 9.44766C26.9186 9.12633 26.856 8.76767 26.7413 8.41568C26.668 8.20235 26.5946 7.98502 26.3506 7.94902C26.084 7.90769 25.98 8.13035 25.876 8.31702C25.4587 9.07967 25.2973 9.91965 25.3133 10.7703C25.3493 12.6849 26.1573 14.2102 27.764 15.2942C27.9466 15.4182 27.9933 15.5435 27.9359 15.7249C27.8266 16.0982 27.696 16.4609 27.5813 16.8355C27.508 17.0742 27.3986 17.1248 27.1426 17.0222C26.2777 16.6504 25.4919 16.1164 24.828 15.4489C23.6854 14.3449 22.6534 13.1263 21.3654 12.1716C21.067 11.9511 20.7606 11.7416 20.4468 11.5436C19.1335 10.2676 20.6201 9.21967 20.9641 9.09567C21.3241 8.965 21.0881 8.51968 19.9254 8.52501C18.7628 8.53035 17.6988 8.91834 16.3428 9.43699C16.1413 9.51421 15.934 9.57529 15.7229 9.61966C14.4557 9.38091 13.1598 9.33506 11.8789 9.48366C9.36565 9.76365 7.35902 10.953 5.88305 12.9809C4.10975 15.4182 3.69243 18.1888 4.20308 21.0768C4.74041 24.122 6.29504 26.6433 8.683 28.6139C11.1603 30.6579 14.0122 31.6592 17.2668 31.4672C19.2428 31.3539 21.4441 31.0886 23.9254 28.9873C24.552 29.2993 25.208 29.4233 26.2986 29.5166C27.1386 29.5953 27.9466 29.4766 28.5719 29.3459C29.5519 29.1379 29.4839 28.23 29.1306 28.0646C26.2573 26.726 26.888 27.2713 26.3133 26.83C27.7746 25.102 29.9746 23.3074 30.8359 17.4928C30.9026 17.0302 30.8452 16.7395 30.8359 16.3662C30.8306 16.1395 30.8826 16.0502 31.1426 16.0249C31.8639 15.95 32.5637 15.7349 33.2025 15.3915C35.0638 14.3742 35.8158 12.7049 35.9931 10.7023C36.0198 10.3956 35.9878 10.081 35.6638 9.91965ZM19.4414 27.9433C16.6562 25.754 15.3055 25.0327 14.7482 25.0634C14.2256 25.0954 14.3202 25.6913 14.4349 26.0807C14.5549 26.4647 14.7109 26.7286 14.9295 27.066C15.0815 27.2886 15.1855 27.6206 14.7789 27.87C13.8816 28.4246 12.3229 27.6833 12.2496 27.6473C10.435 26.578 8.91632 25.1673 7.84834 23.2381C6.81637 21.3808 6.21638 19.3888 6.11771 17.2622C6.09105 16.7475 6.24171 16.5662 6.7537 16.4729C7.42583 16.3442 8.11451 16.3267 8.79233 16.4209C11.6349 16.8368 14.0536 18.1075 16.0828 20.1194C17.2402 21.2661 18.1161 22.6354 19.0188 23.974C19.9788 25.3953 21.0108 26.75 22.3254 27.8593C22.7894 28.2486 23.1587 28.5446 23.5134 28.7619C22.4441 28.8819 20.6601 28.9086 19.4414 27.9433ZM20.7748 19.3568C20.7745 19.2906 20.7904 19.2253 20.8211 19.1666C20.8517 19.1078 20.8962 19.0575 20.9507 19.0198C21.0052 18.9821 21.068 18.9583 21.1337 18.9503C21.1995 18.9424 21.2662 18.9505 21.3281 18.9741C21.407 19.0024 21.475 19.0546 21.5228 19.1235C21.5706 19.1923 21.5958 19.2743 21.5947 19.3581C21.5949 19.4123 21.5843 19.4659 21.5636 19.5159C21.5428 19.5659 21.5123 19.6113 21.4738 19.6494C21.4354 19.6875 21.3897 19.7176 21.3395 19.7378C21.2893 19.7581 21.2356 19.7682 21.1814 19.7675C21.1277 19.7676 21.0745 19.7571 21.0248 19.7365C20.9752 19.7158 20.9302 19.6855 20.8925 19.6473C20.8548 19.609 20.825 19.5636 20.805 19.5138C20.785 19.4639 20.7739 19.4105 20.7748 19.3568ZM24.9213 21.4848C24.6547 21.5928 24.3893 21.6861 24.1347 21.6981C23.7516 21.7114 23.3756 21.5918 23.0707 21.3594C22.7054 21.0528 22.4441 20.8821 22.3347 20.3488C22.297 20.0881 22.3042 19.823 22.3561 19.5648C22.4494 19.1288 22.3454 18.8488 22.0374 18.5955C21.7881 18.3875 21.4694 18.3302 21.1201 18.3302C21.0005 18.3232 20.8843 18.2875 20.7814 18.2262C20.6348 18.1542 20.5148 17.9728 20.6294 17.7488C20.6668 17.6768 20.8428 17.5008 20.8854 17.4688C21.3601 17.1995 21.9081 17.2875 22.4134 17.4902C22.8827 17.6822 23.2374 18.0342 23.748 18.5328C24.2694 19.1341 24.364 19.3008 24.6613 19.7515C24.896 20.1048 25.1093 20.4674 25.2547 20.8821C25.344 21.1421 25.2293 21.3541 24.9213 21.4848Z"
diff --git a/packages/ui/src/components/provider-icons/types.ts b/packages/ui/src/components/provider-icons/types.ts
index 5a97287509e1..1c6f5fe6d2f0 100644
--- a/packages/ui/src/components/provider-icons/types.ts
+++ b/packages/ui/src/components/provider-icons/types.ts
@@ -78,6 +78,7 @@ export const iconNames = [
   "fireworks-ai",
   "fastrouter",
   "evroc",
+  "digitalocean",
   "deepseek",
   "deepinfra",
   "cortecs",

From c9a840a96fe1de02bd3d162437b5bc57d8eb6fba Mon Sep 17 00:00:00 2001
From: Spherrrical <malikmusa1323@gmail.com>
Date: Wed, 6 May 2026 17:24:08 -0700
Subject: [PATCH 2/3] docs: add DigitalOcean to providers directory

Documents OAuth and Model Access Key auth flows plus Inference Router
discovery, slotted alphabetically between Deep Infra and FrogBot.
---
 packages/web/src/content/docs/providers.mdx | 82 +++++++++++++++++++++
 1 file changed, 82 insertions(+)

diff --git a/packages/web/src/content/docs/providers.mdx b/packages/web/src/content/docs/providers.mdx
index 8410c549f292..14069cce24fa 100644
--- a/packages/web/src/content/docs/providers.mdx
+++ b/packages/web/src/content/docs/providers.mdx
@@ -721,6 +721,88 @@ Cloudflare Workers AI lets you run AI models on Cloudflare's global network dire
 
 ---
 
+### DigitalOcean
+
+DigitalOcean's [GenAI Platform](https://docs.digitalocean.com/products/genai-platform/) provides access to open models like GPT-OSS, Llama, Qwen, and DeepSeek, plus custom [Inference Routers](https://docs.digitalocean.com/products/genai-platform/concepts/inference-routers/) that route each request to the cheapest, fastest, or best-fit model for a task.
+
+OpenCode supports two authentication methods:
+
+- **OAuth (Recommended)** — Sign in to your DigitalOcean account; OpenCode auto-creates a Model Access Key and discovers your Inference Routers.
+- **Model Access Key** — Paste an existing key from the DigitalOcean console.
+
+#### OAuth (Recommended)
+
+1. Run the `/connect` command and search for **DigitalOcean**.
+
+   ```txt
+   /connect
+   ```
+
+2. Select **Login with DigitalOcean**.
+
+   ```txt
+   ┌ Select auth method
+   │
+   │ Login with DigitalOcean
+   │ Paste Model Access Key
+   └
+   ```
+
+3. Your browser opens to authorize OpenCode. Sign in and approve.
+
+   :::note
+   OpenCode creates a Model Access Key named `opencode-oauth-<timestamp>` in your DigitalOcean account. You can rotate or revoke it from the **Model Access Keys** page in the GenAI Platform section of the DigitalOcean console.
+   :::
+
+4. Run the `/models` command. Your Inference Routers appear under **DigitalOcean | Inference Routers**, sorted above the base DO models.
+
+   ```txt
+   /models
+   ```
+
+5. To pick up newly created Inference Routers, re-run `/connect` and select **DigitalOcean** again.
+
+#### Using a Model Access Key
+
+If you'd rather paste a key directly:
+
+1. Head over to the **Model Access Keys** page in the GenAI Platform section of the [DigitalOcean console](https://cloud.digitalocean.com/) and create a new key.
+
+2. Run the `/connect` command and select **DigitalOcean**, then **Paste Model Access Key**.
+
+   ```txt
+   ┌ Enter your DigitalOcean Model Access Key
+   │
+   │
+   └ enter
+   ```
+
+   :::note
+   Inference Routers are not auto-discovered with this method. To surface them in the model picker, sign in via OAuth instead.
+   :::
+
+3. Run the `/models` command to select a model.
+
+   ```txt
+   /models
+   ```
+
+#### Environment Variable
+
+Alternatively, set your Model Access Key as an environment variable.
+
+```bash frame="none"
+export DIGITALOCEAN_ACCESS_TOKEN=your-model-access-key
+```
+
+#### Inference Routers
+
+Inference Routers let you define a routing policy across multiple models — picking the cheapest, fastest, or most appropriate model per request based on the task. After OAuth, OpenCode surfaces each router as `router:<router-name>` under the **DigitalOcean | Inference Routers** group in the model picker.
+
+Selecting a router model is a drop-in replacement for any other model — OpenCode forwards your request and DigitalOcean picks the underlying model based on your router's policy.
+
+---
+
 ### FrogBot
 
 1. Head over to the [FrogBot dashboard](https://app.frogbot.ai/signup), create an account, and generate an API key.

From 14a69ff5d1158fade6dd463afa0d2a240e1ccad6 Mon Sep 17 00:00:00 2001
From: Spherrrical <malikmusa1323@gmail.com>
Date: Wed, 6 May 2026 17:27:47 -0700
Subject: [PATCH 3/3] docs: link DigitalOcean inference docs

---
 packages/web/src/content/docs/providers.mdx | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/packages/web/src/content/docs/providers.mdx b/packages/web/src/content/docs/providers.mdx
index 14069cce24fa..d8c8d238d7ce 100644
--- a/packages/web/src/content/docs/providers.mdx
+++ b/packages/web/src/content/docs/providers.mdx
@@ -723,11 +723,11 @@ Cloudflare Workers AI lets you run AI models on Cloudflare's global network dire
 
 ### DigitalOcean
 
-DigitalOcean's [GenAI Platform](https://docs.digitalocean.com/products/genai-platform/) provides access to open models like GPT-OSS, Llama, Qwen, and DeepSeek, plus custom [Inference Routers](https://docs.digitalocean.com/products/genai-platform/concepts/inference-routers/) that route each request to the cheapest, fastest, or best-fit model for a task.
+DigitalOcean's [Inference Engine](https://docs.digitalocean.com/products/inference/) provides access to open models like GPT-OSS, Llama, Qwen, and DeepSeek, plus custom [Inference Routers](https://docs.digitalocean.com/products/genai-platform/concepts/inference-routers/) that route each request to the cheapest, fastest, or best-fit model for a task.
 
 OpenCode supports two authentication methods:
 
-- **OAuth (Recommended)** — Sign in to your DigitalOcean account; OpenCode auto-creates a Model Access Key and discovers your Inference Routers.
+- **OAuth (Recommended)** — Sign in to your DigitalOcean account; OpenCode auto-creates a Model Access Key and discovers your available Models & Inference Routers.
 - **Model Access Key** — Paste an existing key from the DigitalOcean console.
 
 #### OAuth (Recommended)
@@ -751,7 +751,7 @@ OpenCode supports two authentication methods:
 3. Your browser opens to authorize OpenCode. Sign in and approve.
 
    :::note
-   OpenCode creates a Model Access Key named `opencode-oauth-<timestamp>` in your DigitalOcean account. You can rotate or revoke it from the **Model Access Keys** page in the GenAI Platform section of the DigitalOcean console.
+   OpenCode creates a Model Access Key named `opencode-oauth-<timestamp>` in your DigitalOcean account. You can rotate or revoke it from the **Model Access Keys** page in the "Manage" section of the DigitalOcean console under Inference.
    :::
 
 4. Run the `/models` command. Your Inference Routers appear under **DigitalOcean | Inference Routers**, sorted above the base DO models.
@@ -766,7 +766,7 @@ OpenCode supports two authentication methods:
 
 If you'd rather paste a key directly:
 
-1. Head over to the **Model Access Keys** page in the GenAI Platform section of the [DigitalOcean console](https://cloud.digitalocean.com/) and create a new key.
+1. Head over to the **Manage** page in the Inference section of the [DigitalOcean console](https://cloud.digitalocean.com/) and create a new key.
 
 2. Run the `/connect` command and select **DigitalOcean**, then **Paste Model Access Key**.
 
@@ -799,7 +799,7 @@ export DIGITALOCEAN_ACCESS_TOKEN=your-model-access-key
 
 Inference Routers let you define a routing policy across multiple models — picking the cheapest, fastest, or most appropriate model per request based on the task. After OAuth, OpenCode surfaces each router as `router:<router-name>` under the **DigitalOcean | Inference Routers** group in the model picker.
 
-Selecting a router model is a drop-in replacement for any other model — OpenCode forwards your request and DigitalOcean picks the underlying model based on your router's policy.
+Selecting a router model is a drop-in replacement for any other model — OpenCode forwards your request and DigitalOcean picks the underlying model based on your router's policy. Learn more about [Inference Routers](https://docs.digitalocean.com/products/inference/how-to/use-inference-router/)
 
 ---