Hello,
I’ve successfully connected an API call to my google vertex AI, although I’m now looking for a way to establish a workflow to refresh the Bearer key automatically so I don’t need to do it manually.
This is my current API call to Google vertex AI, which works as expected.
Any help is appreciated! Thanks
You should consider JWT token (service client) instead as a way to authenticate to google API for your own account only.
I’m new to most of this API connection stuff. I’m assuming that would give me my desired auto-refresh?
If so, got any advice on how I would go about establishing that?
Thanks
FWIW I downloaded a Google Service Account Plugin | Bubble but not sure how to configure it correctly to achieve an automated refresh token that feeds into my existing API call.
Using JWT, you don’t need refresh token. Bubble will fetch a token when needed. There’s some topic on the forum about how to configure Google service account in API Connector
Thanks.
So I believe the Google Service Account Plugin | Bubble uses JWT token to Create assertion.
I believe I have this configured correctly, as per the plugin’s docs. Now I’m just unsure of what to do with the Requested Bearer token…
You will use it in API Connector with your request to Google API in authorization header
(authorization: bearer token)
I see - and is it sent to the API connector via a workflow or something?
This is my first exposure to this so I’m not sure how to send the bearer token to the Authorization value field in the API connector
The action will have a result for the bearer token. You pass it to the API Call using step 2’s bearer token
However… this is more complex to do it this way than create your own complete integration in API Connector…
I’m all for keeping things simple!
So not using the Google Service account plugin - to create my own complete integration I’ve put the below together as per a previous post of yours on another thread (which I think is right?):
Although when I go to initialize:
Thanks for bearing with me.
check this
I’ve changed the Access token endpoint to match your screenshot but still hitting the same ‘check private key’ error above, even after creating a new key in the Google console as per: Create and delete service account keys | IAM Documentation | Google Cloud.
The scopes is important and need to be the same as what you set in service account if I remember.
It’s possible that you need to modify the key or to copy paste it from something else than notepad. I don’t remember for Google SA, but pretty sure there was something to check to get the key correctly pasted in Bubble
Yeah I see someone said they removed the line breaks from their key (\n), which I’ve also tried but same error. Scope should be correct also.
I’m not sure what else it could be…
I add indentions between the line breaks in my JWT and then got this when initializing the call:
So the Access token endpoint is incorrect…
Looks like it should be “https://oauth2.googleapis.com/token” so I’ve updated it and now:
So now it doesn’t have the “aiplatform.endpoints.predict” permissions on my POST endpoint-
So what I’ve done is made sure my service account has the Vertex AI Service Agent role and the Vertex AI Administrator, both of which include the ‘aiplatform.endpoints.predict’ permissions.
With this, it looks to have worked!
