Configure Reauthentication policy for Google Vertex AI

We recommend disabling the Reauthentication policy for Google Vertex AI in the Google Cloud Console for the OAuth connection.

The Google Vertex AI OAuth connection has a short validity period and expires within a few hours of creating it. We recommend removing this limitation by configuring the Reauthentication policy ClientId App exemption settings in the Google Cloud Console. This is critical to prevent automation-execution disruption for automations using the Google Vertex AI OAuth connection.

Prerequisites

  • You would create an OAuth connection for using Google Vertex AI. For information on setting up the OAuth connection, see OAuth 연결 생성.
  • Next, you would set up your Google Cloud Project and OAuth connection for Google Vertex AI. See Vertex AI: 연결 작업.

After completing these tasks, you would configure the Reauthentication policy in Google Cloud Console to remove the expiry for ClientId App. Removing the expiration will ensure the OAuth connection remains valid, preventing any automation execution disruption. You would require Admin credentials to configure this setting in the Google Cloud Console.

Log in to the Google Cloud Console as an Admin and follow these steps to remove the Reauthentication policy.

Procedure

  1. Navigate to Admin > Directory > Organizational units and create a new organizational unit.
  2. Next, add the application created by the developers to the organizational unit.
    • If you have not created an application, then you can create one at this point by navigating to Security > App Access Control > API Controls and click Manage Third-party App Access.
    Google Cloud Console for Admin users
  3. Navigate to Security > API Controls > App Access Control to view the added application within the organizational unit.
  4. Next, click Change access on your application.
    Google Cloud Console Change access option
  5. In the Google Cloud console and SDK session control tab, check the Never require reauthentication option.
    Remove reauthentication policy
  6. Selecting this option would exempt all applications under the selected organizational unit from authentication expiration.
  7. Besides removing the reauthentication requirement, you can also select Require reauthentication and change an expiration frequency as per your requirement.