How to authenticate with a Vertex AI endpoint in Postman without manual action?

Question

I created a endpoint on Google Cloud Platform Vertex AI and I managed to consume it with Postman with the following authentication process:

1. Connect to GCP
2. Open a gcloud console and run gcloud auth login
3. Follow the process to authenticate yourself as user of the Google Cloud SDK
4. Run gcloud auth print-access-token
5. Copy the returned token and paste it onto Postman > Authorization > Type > Bearer Token

This token is only valid one hour.

How can I remove this repetitive manual authentication ? Could you describe another process for setting up automatic authentication ?

Answer 1

To my knowledge, the best way is to define a service account (SA), use its key (which never expires) and a Javascript pre-request script:

1. A devops engineer can create the custom user-manager SA and grants it the aiplatform.endpoints.predict permission (see tutorial here)
2. Configure Postman with the keys of the created service account and the pre-request script auto-generating a Bearer token (see tutorial here)
3. Fill in the content of your request (method, url, body, etc) and run it

Answer 2

There is a documentation about token's lifetime here.

By default, access tokens are good for 1 hour (3,600 seconds). When the access token has expired, your token management code must get a new one.

If you need an access token with a longer or shorter lifetime, you can use the serviceAccounts.generateAccessToken method to create the token. This method enables you to choose the lifetime of the token, with a maximum lifetime of 12 hours.