How to Call Vertex AI Generative Model from Cloud Function with Authentication

I built a generative AI model in Vertex AI Studio and can successfully call it using CURL commands. However, when I try to implement the same functionality in a Google Cloud Function, I keep running into authentication issues.

I found documentation for accessing Vertex AI from client applications using various SDKs, but there’s not much guidance for server-to-server communication from Cloud Functions. Can someone help me figure out the proper authentication flow?

Here’s my current Cloud Function code:

import json
from google.auth.transport import requests as auth_requests
from google.oauth2 import service_account
import requests

def call_generative_model(request):
    # Configuration
    ENDPOINT = "us-central1-aiplatform.googleapis.com"
    PROJECT = "my-project-id"
    MODEL = "text-bison@001"
    API_URL = f"https://{ENDPOINT}/v1/projects/{PROJECT}/locations/us-central1/publishers/google/models/{MODEL}:predict"
    
    # Authentication setup
    creds = service_account.Credentials.from_service_account_file(
        'credentials.json'
    )
    auth_request = auth_requests.Request()
    access_token = creds.refresh(auth_request).token
    
    # Request configuration
    request_headers = {
        "Authorization": f"Bearer {access_token}",
        "Content-Type": "application/json"
    }
    
    # Model parameters
    request_data = {
        "instances": [
            {
                "content": "Generate a response for this prompt..."
            }
        ],
        "parameters": {
            "candidateCount": 1,
            "maxOutputTokens": 256,
            "temperature": 0.3,
            "topP": 0.9,
            "topK": 20
        }
    }
    
    # Make API call
    result = requests.post(API_URL, headers=request_headers, json=request_data)
    
    print(result.json())
    return 'Success', 200

The authentication part seems to be failing. What’s the correct way to handle this?

Had the exact same authentication nightmare when I started using Vertex AI with Cloud Functions. You’re probably overcomplicating this - Cloud Functions already runs with a default service account that has the right permissions, so ditch the service account files completely.

Scrap the credentials.json approach and just use default application credentials. Your token refresh is broken - you’re calling it wrong and then trying to access a token that doesn’t exist. Replace your auth code with from google.auth import default and credentials, _ = default(). Use those credentials directly in your request.

Also check that your Cloud Function’s default service account has the ‘Vertex AI User’ IAM role. Without it, even perfect auth code won’t work. Check this in the IAM console under your project settings.

Your service account approach works, but I’d switch to default credentials. Just import from google.auth import default then do credentials, project = default() - much simpler and plays nicer with Cloud Functions. Also heads up, that refresh call syntax is off. Should be creds.refresh(auth_request) then creds.token.
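The default-credentials flow that the two answers above describe, written out for the raw REST call; this is an added example, not code posted by anyone in the thread. It takes the token from the function's attached service account, so no key file ships with the deployment. The names get_access_token, call_model and StubCredentials, the cloud-platform scope and the 30-second timeout are assumptions of this example; the request body is the one from the question.

```python
"""Raw REST call to Vertex AI using Application Default Credentials (ADC)."""

SCOPE = "https://www.googleapis.com/auth/cloud-platform"


class StubCredentials:
    """Constructed stand-in for offline runs; not a google-auth class."""
    valid, token = False, None

    def refresh(self, request):
        # Mirrors google-auth: updates the object in place and returns None.
        self.valid, self.token = True, "stub-token"


def get_access_token(credentials=None, auth_request=None):
    """Return a bearer token; with no arguments, use the runtime service account."""
    if credentials is None:
        # Lazy imports so the module also loads where google-auth is absent.
        import google.auth
        from google.auth.transport.requests import Request
        credentials, _ = google.auth.default(scopes=[SCOPE])
        auth_request = Request()
    if not credentials.valid:
        # refresh() returns None, which is why the question's
        # `creds.refresh(auth_request).token` raises AttributeError.
        credentials.refresh(auth_request)
    return credentials.token


def call_model(prompt, project, location="us-central1", model="text-bison@001",
               credentials=None, auth_request=None, post=None):
    """POST the question's request body and return the parsed JSON reply."""
    if post is None:
        import requests
        post = requests.post
    url = (f"https://{location}-aiplatform.googleapis.com/v1/projects/{project}"
           f"/locations/{location}/publishers/google/models/{model}:predict")
    token = get_access_token(credentials, auth_request)
    body = {"instances": [{"content": prompt}],
            "parameters": {"candidateCount": 1, "maxOutputTokens": 256,
                           "temperature": 0.3, "topP": 0.9, "topK": 20}}
    resp = post(url, headers={"Authorization": f"Bearer {token}"},
                json=body, timeout=30)
    if resp.status_code in (401, 403):
        # Per the answers: check the Vertex AI User role on the service account.
        # The token and response body are deliberately kept out of the message.
        raise PermissionError(f"Vertex AI rejected the caller: HTTP {resp.status_code}")
    resp.raise_for_status()
    return resp.json()
```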

Skip the manual token handling - just use the Vertex AI SDK. Install google-cloud-aiplatform and your code gets way cleaner. The SDK handles auth automatically in Cloud Functions through the default service account.

from vertexai.language_models import TextGenerationModel
import vertexai

def call_generative_model(request):
    vertexai.init(project="my-project-id", location="us-central1")
    model = TextGenerationModel.from_pretrained("text-bison@001")
    
    response = model.predict(
        "Generate a response for this prompt...",
        temperature=0.3,
        max_output_tokens=256,
        top_p=0.9,
        top_k=20
    )
    
    return response.text

Just make sure your Cloud Function’s service account has the Vertex AI User role. This kills all that auth complexity you’re fighting with.