Gemini.Auth.VertexStrategy (GeminiEx v0.0.1)
View SourceAuthentication strategy for Google Vertex AI using OAuth2/Service Account.
This strategy supports multiple authentication methods:
- Service Account JSON file (via VERTEX_JSON_FILE environment variable)
- OAuth2 access tokens
- Application Default Credentials (ADC)
Based on the Vertex AI documentation, this strategy can generate self-signed JWTs for authenticated endpoints and standard Bearer tokens for regular API calls.
Summary
Functions
Authenticate with Vertex AI using various methods.
Create a signed JWT for authenticated Vertex AI endpoints.
Get authentication headers for Vertex AI requests.
Functions
Authenticate with Vertex AI using various methods.
Supports the following authentication methods:
- OAuth2 with project_id and location
- Service Account with key file path
- Service Account with key data
- Direct access token
@spec create_signed_jwt(String.t(), String.t(), map(), keyword()) :: {:ok, String.t()} | {:error, term()}
Create a signed JWT for authenticated Vertex AI endpoints.
This is used for Vector Search endpoints with JWT authentication as described in v1.md.
Parameters
service_account_email
: The service account email (issuer)audience
: The audience specified during index deploymentcredentials
: The credentials map containing authentication infoopts
: Additional options for JWT creation
Examples
iex> credentials = %{service_account_key: "/path/to/key.json"}
iex> {:ok, jwt} = Gemini.Auth.VertexStrategy.create_signed_jwt(
...> "my-service@project.iam.gserviceaccount.com",
...> "my-app-audience",
...> credentials
...> )
Get authentication headers for Vertex AI requests.
Supports multiple credential types:
- %{access_token: token} - Direct access token
- %{service_account_key: path} - Service account JSON file path
- %{service_account_data: data} - Service account JSON data
- %{jwt_token: token} - Pre-signed JWT token