Skip to main content
RapidDev - Software Development Agency
bubble-integrationsBubble API Connector

Google Cloud AI Platform

Connect Bubble to Google Cloud AI Platform (Vertex AI) to run predictions against your custom ML models. Because Bubble cannot sign Google service account JWTs natively, you need a lightweight Cloud Function or proxy endpoint to exchange credentials for a short-lived Bearer token. A Backend Workflow stores and refreshes this token automatically — enabling non-technical founders to ship AI-powered Bubble apps backed by production ML models.

What you'll learn

  • Why Bubble cannot call Google Cloud AI Platform directly without a token proxy — and why this is the correct architecture
  • How to create a GCP service account with the Vertex AI User role and download the JSON key
  • How to deploy a minimal Cloud Function that exchanges service account credentials for a valid Bearer token
  • How to build a Backend Workflow that fetches, stores, and refreshes the Bearer token in the User record
  • How to configure Bubble's API Connector to POST prediction requests to a Vertex AI endpoint with dynamic instance data
  • How to parse Vertex AI prediction responses and display results in your Bubble UI
Book a free consultation
4.9Clutch rating
600+Happy partners
17+Countries served
190+Team members
Advanced22 min read3–5 hoursAI & MLLast updated July 2026RapidDev Engineering Team
TL;DR

Connect Bubble to Google Cloud AI Platform (Vertex AI) to run predictions against your custom ML models. Because Bubble cannot sign Google service account JWTs natively, you need a lightweight Cloud Function or proxy endpoint to exchange credentials for a short-lived Bearer token. A Backend Workflow stores and refreshes this token automatically — enabling non-technical founders to ship AI-powered Bubble apps backed by production ML models.

Quick facts about this guide
FactValue
ToolGoogle Cloud AI Platform
CategoryAI & ML
MethodBubble API Connector
DifficultyAdvanced
Time required3–5 hours
Last updatedJuly 2026

Custom ML models in Bubble — architecture and the JWT proxy requirement

Google Cloud AI Platform (Vertex AI) is not an off-the-shelf AI service like OpenAI — it is a platform for deploying YOUR own custom trained models. Once you deploy a model as a Vertex AI online endpoint, it exposes an HTTPS prediction URL that accepts POST requests with your model's input format and returns predictions in the response.

The integration challenge is authentication. Google Cloud uses service account credentials — a JSON file containing a private key — to authenticate API calls. You must sign a JWT with this private key to request a Bearer token. Bubble has no built-in cryptographic signing capabilities, so this JWT signing step must happen outside Bubble.

The recommended architecture is a minimal Cloud Function (or any HTTPS endpoint you control) that: 1. Holds the service account JSON key as a secret 2. Signs the JWT and exchanges it for a Bearer token from Google's OAuth endpoint 3. Returns the Bearer token to Bubble's Backend Workflow

Bubble then stores the token in the current User's record with an expiry timestamp and uses it for all subsequent Vertex AI prediction calls. The token expires after 1 hour, so Bubble's Backend Workflow checks the expiry before each prediction call and refreshes if needed.

This architecture is the honest requirement — any guide promising to connect Bubble directly to Vertex AI without a proxy is either using Google API Keys (only available for some services, not Vertex AI online endpoints) or is skipping the authentication step entirely. The Cloud Function adds minimal complexity and cost, and it runs automatically in the background so end users see no difference.

Integration method

Bubble API Connector

Bubble API Connector with Google Cloud AI Platform Vertex AI prediction endpoints — Bearer token obtained from a lightweight Cloud Function proxy (required because Bubble cannot generate Google service account JWTs natively). Backend Workflow refreshes the token before expiry and stores it in the User record.

Prerequisites

  • A Google Cloud Platform account with a project that has the Vertex AI API enabled (console.cloud.google.com → APIs & Services → Enable APIs → search 'Vertex AI')
  • A trained ML model deployed as a Vertex AI online endpoint in your GCP project — note the endpoint ID and region
  • A GCP service account with the 'Vertex AI User' role (IAM & Admin → Service Accounts → Create) and a downloaded JSON key file
  • A minimal Cloud Function deployed that signs the service account JWT and returns a Bearer token (sample code provided in Step 2)
  • The API Connector plugin installed in your Bubble app (Plugins tab → Add plugins → API Connector by Bubble → Install)
  • A Bubble paid plan (Starter or above) for Backend Workflows required to call the token proxy and store tokens server-side

Step-by-step guide

1

Create a GCP service account and download the JSON key

In the Google Cloud Console (console.cloud.google.com), make sure you are in the correct GCP project (shown in the project dropdown at the top). Navigate to IAM & Admin → Service Accounts in the left sidebar. Click 'Create Service Account.' Give it a name like `bubble-vertex-ai` and a description. Click 'Create and Continue.' In the 'Grant this service account access to project' step, click the Role dropdown and search for 'Vertex AI User.' Select it and click 'Continue,' then 'Done.' On the Service Accounts list, find your new account and click the three-dot menu → 'Manage keys.' Click 'Add Key' → 'Create new key' → choose JSON → click 'Create.' A JSON file downloads to your computer automatically. **Store this JSON key securely.** It contains a private key that grants access to your GCP project's Vertex AI resources. You will paste its contents into a Cloud Function secret in the next step — never commit it to version control or paste it into Bubble's workflow editor directly. Note the following values from the JSON key file — you will need them: - `project_id` - `client_email` (looks like `bubble-vertex-ai@your-project.iam.gserviceaccount.com`) - `private_key` (a long RSA private key string) Also note your Vertex AI endpoint details: - Region (e.g., `us-central1`) - Endpoint ID (visible in Vertex AI → Endpoints in the GCP Console) - Your prediction URL format: `https://{region}-aiplatform.googleapis.com/v1/projects/{project}/locations/{region}/endpoints/{endpoint_id}:predict`

vertex_ai_endpoint_format.txt
1// Vertex AI prediction endpoint URL format:
2https://us-central1-aiplatform.googleapis.com/v1/
3 projects/YOUR_PROJECT_ID/
4 locations/us-central1/
5 endpoints/YOUR_ENDPOINT_ID:predict
6
7// Service account JSON key fields you need:
8// - type: 'service_account'
9// - project_id: 'your-project-id'
10// - private_key_id: 'key-id-string'
11// - private_key: '-----BEGIN RSA PRIVATE KEY-----\n...',
12// - client_email: 'bubble-vertex-ai@your-project.iam.gserviceaccount.com'
13// - token_uri: 'https://oauth2.googleapis.com/token'

Pro tip: After creating the service account JSON key, immediately go to IAM & Admin → Roles and verify the service account appears with only the 'Vertex AI User' role — not 'Owner' or 'Editor.' Least-privilege access is important: if this key is ever compromised, it should only expose Vertex AI prediction access, not full project control.

Expected result: You have a GCP service account with the Vertex AI User role, a downloaded JSON key file, and you have noted your Vertex AI prediction endpoint URL including the region and endpoint ID.

2

Deploy a Cloud Function to exchange service account credentials for a Bearer token

Bubble cannot sign JWTs natively, so you need a minimal proxy endpoint. The simplest option is a Google Cloud Function (or Cloud Run service) that reads the service account credentials from its environment and returns a valid access_token on request. In the GCP Console, navigate to Cloud Functions → Create Function. Choose: - Environment: 2nd gen - Function name: `get-vertex-token` - Region: same as your Vertex AI endpoint - Trigger: HTTPS - Authentication: **Allow unauthenticated invocations** (you will add your own API key check for security) In the inline code editor, choose Node.js runtime and paste the following function. This uses the `google-auth-library` package (included by default in Cloud Functions) to generate a Bearer token: Add a simple shared secret check at the top — generate a random token (e.g., a UUID) and add it as an environment variable `PROXY_SECRET`. Bubble will pass this secret in a header to authenticate calls to your proxy, keeping it server-side via the Private checkbox. Deploy the function. Copy the Trigger URL shown after deployment — this is the endpoint Bubble's Backend Workflow will call.

vertex_token_cloud_function.js
1// Cloud Function: get-vertex-token (Node.js 20)
2// File: index.js
3
4const { GoogleAuth } = require('google-auth-library');
5
6exports.getVertexToken = async (req, res) => {
7 // Simple shared secret check
8 const secret = req.headers['x-proxy-secret'];
9 if (secret !== process.env.PROXY_SECRET) {
10 return res.status(401).json({ error: 'Unauthorized' });
11 }
12
13 try {
14 const auth = new GoogleAuth({
15 scopes: ['https://www.googleapis.com/auth/cloud-platform']
16 });
17 const client = await auth.getClient();
18 const tokenResponse = await client.getAccessToken();
19
20 res.json({
21 access_token: tokenResponse.token,
22 expires_in: 3600
23 });
24 } catch (error) {
25 res.status(500).json({ error: error.message });
26 }
27};
28
29// package.json:
30// { "dependencies": { "google-auth-library": "^9.0.0" } }
31
32// Environment variables to set in Cloud Function:
33// PROXY_SECRET = your-random-secret-uuid
34// GOOGLE_APPLICATION_CREDENTIALS handled automatically by Cloud Functions runtime
35// (upload the service account JSON key in the 'Service Account' settings of the function)

Pro tip: Attach the service account JSON key to the Cloud Function by setting the Function's Service Account to the `bubble-vertex-ai` service account you created (in the Cloud Function settings under 'Runtime, build, connections' → 'Service account'). The function then automatically uses that service account's credentials — you do not need to paste the private key into environment variables.

Expected result: Your Cloud Function is deployed and accessible via HTTPS. Calling it with the correct `X-Proxy-Secret` header returns a JSON object containing a valid `access_token` and `expires_in` value.

3

Build a Backend Workflow to fetch and store the Bearer token

With your token proxy deployed, set up the Bubble infrastructure to call it and store the resulting token. First, add fields to Bubble's User data type: Data tab → User → Add field: - `vertex_access_token` (text) - `vertex_token_expiry` (date) In the Plugins tab, configure the API Connector for your token proxy. Click 'Add another API,' name it 'GCP Token Proxy.' Set the call method to GET or POST (depending on your Cloud Function), URL to your Cloud Function trigger URL. Add a shared header `X-Proxy-Secret` with your proxy secret value — **mark it Private**. Go to Settings → API → check 'This app exposes a Workflow API.' Open Backend Workflows and click 'Add workflow.' Name it `refresh_vertex_token`. In this workflow: 1. Add action: 'Plugins → API Connector → GCP Token Proxy → Get Token' (Initialize the call first with a test request to detect the `access_token` field) 2. Add action: 'Make changes to a Thing' → select 'Current User' → set `vertex_access_token` = result of step 1's `access_token` field, and `vertex_token_expiry` = Current date/time + 3600 seconds (i.e., +1 hour) Create a second Backend Workflow named `check_and_refresh_token` that: 1. Checks a condition: 'Only when Current User's vertex_token_expiry is less than Current date/time + 5 minutes' 2. Calls the `refresh_vertex_token` workflow (using 'Schedule API Workflow' at Current date/time) On your app's index page, add a page-load workflow that calls 'Schedule API Workflow' targeting `check_and_refresh_token` at Current date/time whenever a user logs in — ensuring the token is fresh before any AI features are used.

vertex_token_backend_workflow.txt
1// Bubble Backend Workflow: refresh_vertex_token
2// Triggered by: check_and_refresh_token or manual token request
3//
4// Step 1: API Connector call → GCP Token Proxy → Get Token
5// GET https://us-central1-YOUR_FUNCTION.cloudfunctions.net/get-vertex-token
6// Header: X-Proxy-Secret: <proxy_secret> // Private
7// Response: { "access_token": "ya29.xxx", "expires_in": 3600 }
8//
9// Step 2: Make changes to a Thing
10// Thing: Current User
11// vertex_access_token = Result of step 1's access_token
12// vertex_token_expiry = Current date/time + 3600 seconds
13
14// Pre-call token check pattern in any Bubble workflow:
15// Condition: Current User's vertex_token_expiry < now + 5 minutes?
16// YES → Schedule API Workflow: refresh_vertex_token (at now)
17// Pause before next action: 2 seconds
18// [Then proceed with Vertex AI call]
19// NO → [Proceed directly with Vertex AI call]

Pro tip: The 2-second pause after scheduling the token refresh is necessary because 'Schedule API Workflow' is fire-and-forget — Bubble does not wait for it to complete before the next action. For more reliable token refresh in critical workflows, use a 'Run backend workflow synchronously' pattern if your Bubble version supports it, or increase the pause to 3–4 seconds to account for the Cloud Function's cold start time.

Expected result: The Backend Workflow fetches a valid Bearer token from your Cloud Function proxy and stores it in the current User's record with an expiry timestamp. The token is available for all subsequent Vertex AI prediction calls.

4

Configure the API Connector for Vertex AI predictions

With Bearer tokens being stored in User records, configure the Vertex AI prediction call in Bubble's API Connector. Click 'Add another API' and name it 'Vertex AI.' In the API group, add a shared header: - Name: `Authorization` - Value: `Bearer ` + a dynamic parameter named `access_token` — **mark Private** This `access_token` parameter will be populated dynamically from `Current User's vertex_access_token` field in every workflow that calls this API. Also add: - `Content-Type: application/json` Now add the prediction call. Click 'Add another call,' name it 'Predict.' Set method to POST and URL to your full Vertex AI endpoint URL: `https://us-central1-aiplatform.googleapis.com/v1/projects/YOUR_PROJECT_ID/locations/us-central1/endpoints/YOUR_ENDPOINT_ID:predict` The JSON body structure is: ```json { "instances": [ { "feature_name_1": "<dynamic_value_1>", "feature_name_2": "<dynamic_value_2>" } ] } ``` The exact field names inside the instances object must match your deployed model's input schema — check your model's signature in Vertex AI Studio or via the Model Registry in GCP Console. Click 'Initialize call.' You must supply a real `access_token` (copy the current token from the User record in Bubble's Data tab for your test user) and valid instance data that your model accepts. A successful initialization returns a prediction response — Bubble detects the `predictions` array for result binding.

vertex_ai_prediction_call.json
1// API Connector: Vertex AI → Predict
2// Method: POST
3// URL: https://us-central1-aiplatform.googleapis.com/v1/
4// projects/YOUR_PROJECT_ID/
5// locations/us-central1/
6// endpoints/YOUR_ENDPOINT_ID:predict
7//
8// Shared headers (API group level):
9// Authorization: Bearer <access_token> // Private, dynamic from User record
10// Content-Type: application/json
11//
12// JSON body:
13{
14 "instances": [
15 {
16 "feature_1": "<dynamic_input_1>",
17 "feature_2": "<dynamic_input_2>"
18 }
19 ]
20}
21
22// Example for a text classification model:
23{
24 "instances": [
25 { "content": "<dynamic_user_text_input>" }
26 ]
27}
28
29// Vertex AI response format:
30{
31 "predictions": [
32 {
33 "classes": ["positive", "negative", "neutral"],
34 "scores": [0.85, 0.10, 0.05]
35 }
36 ],
37 "deployedModelId": "1234567890",
38 "model": "projects/.../models/..."
39}

Pro tip: The `instances` array can contain multiple items for batch prediction — one object per input. However, for real-time Bubble workflows, keep instances to a single item to minimize response latency. Multi-instance calls are useful for batch-processing workflows that run on a schedule via Bubble's 'Schedule API Workflow' (Recurring) pattern.

Expected result: The Vertex AI Predict call initializes successfully with a real Bearer token. Bubble detects the `predictions` array in the response. The call is ready to be wired into Bubble workflows.

5

Build a Bubble workflow that calls Vertex AI on user action

Now connect the prediction API to your Bubble UI. The pattern depends on your use case, but the general structure is: 1. User submits a form or triggers an action in Bubble 2. A workflow fires, first checking the token expiry 3. The workflow calls 'Schedule API Workflow' to run a Backend Workflow that makes the Vertex AI prediction call 4. The Backend Workflow writes the prediction result to a Bubble database record 5. The UI updates to show the result **Example — text classification:** Add a Text Input and a 'Classify' button on a Bubble page. When the button is clicked: - Action 1: Create a 'Prediction_Request' Thing in Bubble with the input text and status='pending' - Action 2: Schedule API Workflow: `run_vertex_prediction` at Current date/time, passing the Prediction_Request's unique ID In the `run_vertex_prediction` Backend Workflow: - Step 1: Check token expiry condition → refresh if needed (with 2-second pause) - Step 2: Call Vertex AI Predict with `instances[0].content` = the Prediction_Request's input text, `access_token` = Current User's vertex_access_token - Step 3: Make changes to Prediction_Request Thing → set `result` = response's predictions[0].classes[0] (the top class), `score` = response's predictions[0].scores[0], `status` = 'complete' On the Bubble page, make the result text element's visibility conditional on the Prediction_Request Thing's status = 'complete.' Use a Repeating Group with 'Do a search for Prediction_Request' that auto-refreshes or use the Bubble 'Refresh on data change' pattern to update the display when the Backend Workflow completes. Cache prediction results: if the same input is submitted multiple times, check whether a Prediction_Request with that input already exists before calling Vertex AI. This avoids redundant API calls and saves both GCP prediction costs and Bubble WUs.

vertex_prediction_workflow.txt
1// Bubble data type: Prediction_Request
2// Fields:
3// - input_text (text)
4// - predicted_class (text)
5// - confidence_score (number)
6// - status (text: 'pending' | 'complete' | 'error')
7// - created_by (user)
8// - created_at (date)
9
10// Backend Workflow: run_vertex_prediction
11// Parameters: prediction_request_id (text)
12//
13// Step 1: Token check
14// When: Current User's vertex_token_expiry < now + 5 min
15// → Schedule API Workflow: refresh_vertex_token (at now)
16// → Pause before next action: 2 seconds
17//
18// Step 2: Call Vertex AI
19// Plugins → Vertex AI → Predict
20// access_token: Current User's vertex_access_token // Private
21// instances[0].content: [lookup Prediction_Request by id].input_text
22//
23// Step 3: Update record
24// Make changes to Thing: Prediction_Request (found by id)
25// predicted_class: Result of step 2's predictions[0].classes[0]
26// confidence_score: Result of step 2's predictions[0].scores[0]
27// status: 'complete'

Pro tip: Write prediction results to a Bubble database record rather than returning them to the frontend via a Custom State — Backend Workflow results are not directly accessible as return values in Bubble. The database approach also gives you a prediction history log, which is useful for debugging model behavior over time and for implementing result caching.

Expected result: Users trigger predictions from the Bubble UI. The Backend Workflow calls Vertex AI, parses the prediction response, and writes the result to a database record. The UI updates to display the prediction result after the Backend Workflow completes.

6

Handle token expiry, region errors, and test the full pipeline

Run a complete end-to-end test before deploying to production: **1. Token expiry simulation:** In Bubble's Data tab, find your test user and manually set `vertex_token_expiry` to a time in the past. Trigger a prediction workflow — the token check should fire `refresh_vertex_token` automatically and succeed. Check Logs tab → Workflow logs to confirm the refresh ran before the prediction call. **2. Region mismatch:** If your Vertex AI endpoint is in `europe-west4` but your API Connector URL says `us-central1`, the call returns 404 (not 401). The region in the URL must exactly match the region where the endpoint was deployed. Check Vertex AI → Endpoints in GCP Console for the deployed region. **3. Instance schema mismatch:** If the field names in your instances object do not match the model's input schema, Vertex AI returns 400 with a description like 'Instance feature not found: feature_name.' Check the model's input schema in Vertex AI Studio → Model Registry → your model → Schema tab. **4. WU monitoring:** Each Vertex AI prediction call from Bubble consumes Workload Units for the API call action and the Backend Workflow run. If your app has many users making predictions frequently, monitor Bubble's WU dashboard under Settings → Billing. Cache identical inputs to avoid redundant prediction calls. **5. Privacy rules:** Any Prediction_Request records stored in Bubble's database should have privacy rules — go to Data tab → Prediction_Request type → Privacy → add rule: 'This Thing is visible to Current User when created_by = Current User.' RapidDev's team has architected AI integrations like this across dozens of production Bubble apps — for help with custom model integration or scaling, reach out at rapidevelopers.com/contact.

vertex_ai_troubleshooting.txt
1// Error diagnostic guide:
2//
3// 401 Unauthorized
4// → Access token expired or Cloud Function proxy returned invalid token
5// → Check Cloud Function logs in GCP Console → Cloud Functions → Logs
6// → Manually trigger refresh_vertex_token Backend Workflow and verify
7// the new token is stored in the User record
8//
9// 404 Not Found
10// → Region in URL does not match deployed endpoint region
11// → OR endpoint ID is wrong (deleted/redeployed endpoint gets a new ID)
12// → Check Vertex AI → Endpoints in GCP Console for exact region + ID
13//
14// 400 Bad Request
15// → Instance field names or types don't match model schema
16// → Check model input signature in Vertex AI Studio
17// → Verify body JSON structure matches {"instances": [{...}]} format
18//
19// 500 from Cloud Function
20// → Service account doesn't have Vertex AI User role
21// → OR Cloud Function's own service account lacks permissions
22// → Check GCP Console → IAM for the service account's assigned roles

Pro tip: Set up GCP Cloud Monitoring alerts on your Vertex AI endpoint for latency and error rate metrics. If your Bubble app's prediction workflows start failing, the GCP monitoring dashboard will show whether errors are originating from Vertex AI itself (model issues) or from your Cloud Function proxy (auth issues) — a distinction that's hard to debug from Bubble's logs alone.

Expected result: The complete pipeline works end-to-end: token refresh fires proactively on expiry, prediction calls succeed with the correct endpoint URL and instance schema, results are stored in Bubble's database, and the UI displays predictions. The Bubble Logs tab shows no 401, 404, or 400 errors.

Common use cases

Custom product recommendation engine

Deploy a collaborative filtering or content-based recommendation model on Vertex AI. When a user views a product in your Bubble app, a Backend Workflow sends the user's browsing history and current product ID to the Vertex AI prediction endpoint. The response returns ranked product IDs that Bubble displays as a 'You might also like' Repeating Group — personalized recommendations backed by your own model.

Bubble Prompt

When a user visits a product detail page, trigger a Backend Workflow: call the token refresh check, then POST to the Vertex AI endpoint with instances containing user_id and current_product_id. Parse the predictions array for top-5 recommended product IDs. Load each product from the Bubble database and display in a Repeating Group below the current product.

Copy this prompt to try it in Bubble

Real-time fraud detection for transactions

A fintech Bubble app submits payment or transaction data to a Vertex AI fraud detection model before processing. The model returns a fraud probability score — if above a threshold, the Bubble workflow flags the transaction for review and alerts the admin team via Slack. All of this happens server-side in a Bubble Backend Workflow before the transaction record is written.

Bubble Prompt

When a new Transaction is about to be saved, trigger a Backend Workflow that calls the Vertex AI fraud model with transaction_amount, merchant_category, user_location, and device_fingerprint as instance fields. If the returned fraud_probability score exceeds 0.8, mark the Transaction as 'flagged' instead of 'approved' and notify the admin via API call to Slack.

Copy this prompt to try it in Bubble

Document classification for intake forms

Users upload documents through a Bubble form. A Backend Workflow extracts text metadata and sends it to a Vertex AI document classification model to categorize the document type (invoice, contract, ID document). The model's predicted class is saved to the Bubble database and used to route the document to the correct processing queue automatically.

Bubble Prompt

When a file is uploaded to Bubble's file storage, trigger a Backend Workflow: extract the filename and file metadata, POST to the Vertex AI classifier endpoint with the document metadata as the instance, retrieve the predicted class label from the response, and update the uploaded document's Bubble record with the classification result.

Copy this prompt to try it in Bubble

Troubleshooting

Vertex AI prediction call returns 401 Unauthorized

Cause: The Bearer token stored in the User record has expired (tokens are valid for 1 hour) or was never set (the user has not yet gone through the token fetch flow). The Cloud Function proxy might also be returning an error if the service account lacks the Vertex AI User role.

Solution: Check the User record in Bubble's Data tab — is `vertex_access_token` populated and is `vertex_token_expiry` in the future? If the token is expired, manually trigger the `refresh_vertex_token` Backend Workflow for your test user. Also check GCP Console → Cloud Functions → Logs for errors in the token proxy function — a common issue is the service account not having the Vertex AI User role assigned.

Vertex AI endpoint returns 404 Not Found

Cause: The region in the API Connector URL does not match the region where the Vertex AI endpoint was deployed. Each Vertex AI endpoint has a region-specific URL — a model deployed in `europe-west4` cannot be accessed via a `us-central1` URL. This is one of the most common errors because the region in the URL is easy to overlook.

Solution: In GCP Console, navigate to Vertex AI → Endpoints. Find your endpoint and check the displayed region. Update your Bubble API Connector URL to use the exact matching region prefix. Example: if the endpoint is in `europe-west4`, the URL must start with `https://europe-west4-aiplatform.googleapis.com/...`

Initialize call fails with 'There was an issue setting up your call'

Cause: Bubble's Initialize call requires a real successful API response to detect the schema. If the Bearer token in the Private parameter field is expired or invalid during initialization, the call returns 401 and Bubble cannot detect response fields.

Solution: Fetch a fresh Bearer token by calling your Cloud Function proxy directly (open the URL in a browser or use Postman). Copy the returned access_token and temporarily paste it into the Private `access_token` field during Initialize call mode. After initialization succeeds and Bubble detects the predictions array, replace the hardcoded value with the dynamic expression `Current User's vertex_access_token`.

Prediction response is empty or returns unexpected output

Cause: The instance field names or data types in the API Connector body do not match the model's expected input schema (its SignatureDef). Vertex AI is strict about input schemas — wrong field names are silently ignored, resulting in empty or incorrect predictions.

Solution: In GCP Console → Vertex AI → Model Registry → your model → click the model version → Schema tab to see the exact expected input field names and types. Update your API Connector body to match exactly. Test with a known-good input that you validated during model training to confirm the prediction output is as expected.

Backend Workflow for token refresh does not update the User record

Cause: The Backend Workflow is referencing 'Current User' but Backend Workflows run in a server context without a logged-in user — 'Current User' may be empty unless the user's ID is passed as a workflow parameter.

Solution: Add a parameter to the `refresh_vertex_token` Backend Workflow: `user_id` (text). When calling this workflow from a frontend workflow, pass `Current User's unique ID` as the `user_id` parameter. Inside the Backend Workflow, use 'Do a search for Users where unique ID = user_id parameter' to find the correct User record and update it.

Best practices

  • Never paste your GCP service account JSON key into Bubble directly — store it only in the Cloud Function's environment or as a GCP Secret Manager secret. The key grants access to your entire GCP project scope and must remain outside any browser-accessible system.
  • Store the Vertex AI Bearer token in the User's Bubble data record (not a Custom State) — Custom States are lost on page navigation, forcing a new token fetch on every page load and increasing latency.
  • Always check token expiry before calling Vertex AI — build a pre-call condition that compares `Current User's vertex_token_expiry` to now + 5 minutes and triggers a refresh Backend Workflow when needed.
  • Cache prediction results in a Bubble database record keyed by the input hash or input value — if the same input is submitted multiple times, return the cached result instead of calling Vertex AI again. This reduces both GCP prediction costs and Bubble Workload Unit consumption.
  • Match your Cloud Function region to your Vertex AI endpoint region — deploying them in the same region minimizes network latency for the internal token exchange and keeps data transfer within Google's network.
  • Add Bubble Privacy rules to any data type storing prediction results — ensure prediction records are readable only by the user who created them, preventing data leakage between users in multi-tenant Bubble apps.
  • Monitor GCP Cloud Monitoring for your Vertex AI endpoint — set up alerts for elevated error rates and prediction latency spikes. Vertex AI online endpoints can be paused or have compute issues that need GCP-level diagnosis, not Bubble-level debugging.

Alternatives

Frequently asked questions

Why can't I call Vertex AI directly from Bubble without a proxy?

Google Cloud AI Platform (Vertex AI) uses service account Bearer tokens that expire every hour. To obtain a Bearer token, you must sign a JWT with the service account's RSA private key — a cryptographic operation that requires access to the private key itself. Bubble has no built-in JWT signing capability, so this step must happen in a separate server-side environment (Cloud Function, Cloud Run, or any HTTPS endpoint) that holds the private key securely.

Do I need to pay for Google Cloud to use Vertex AI in my Bubble app?

Yes. Vertex AI online endpoint predictions are billed per prediction request and by compute instance uptime. New GCP accounts receive $300 in free credits to get started. Once credits are exhausted, you pay per prediction. Check cloud.google.com/vertex-ai/pricing for current rates for your endpoint's machine type and region. The Cloud Function for token exchange costs very little (Cloud Functions have a generous free tier).

Can I use Google Generative AI (Gemini) through this same architecture?

Gemini models on Vertex AI (Vertex AI Generative AI endpoints) use the same authentication pattern described here — Bearer tokens from service accounts. However, Gemini API via Google AI Studio uses API keys instead, which is much simpler to configure in Bubble (no proxy needed). If you want to use Gemini without a proxy, use the Google AI Studio API key path rather than the Vertex AI service account path.

How long does the Bearer token last and how often does it refresh?

Google Cloud Bearer tokens from service accounts are valid for 1 hour (3600 seconds). The refresh Backend Workflow stores a `vertex_token_expiry` timestamp 1 hour from the token fetch time. A pre-call check triggers a refresh when the token is within 5 minutes of expiry — effectively refreshing every ~55 minutes for active users. Inactive users' tokens expire silently and are refreshed on their next action.

What if I need to call multiple different Vertex AI models from one Bubble app?

The same Bearer token works for all Vertex AI endpoints in your GCP project — the token grants access at the project level (scoped by the service account's IAM role). In Bubble, create a separate API Connector call for each model endpoint URL, all sharing the same Authorization Bearer header. The token fetch and storage workflow stays the same — you only add new calls in the Vertex AI API Connector group.

What is the difference between online prediction and batch prediction in Vertex AI?

Online prediction (what this guide covers) is synchronous — you POST a request and wait for the prediction response immediately. It is used for real-time user-facing features in Bubble. Batch prediction is asynchronous — you submit a large dataset, Vertex AI processes it over minutes or hours, and stores results in GCP Storage. Batch prediction is typically triggered on a schedule and not suitable for real-time Bubble UI interactions, though you could trigger a batch job from a Bubble Backend Workflow.

RapidDev

Talk to an Expert

Our team has built 600+ apps. Get personalized help with your project.

Book a free consultation

Integrations are where projects stall

We wire Bubble integrations like this one every week — auth, webhooks, edge cases included. Fixed-price builds from $13K, delivered in 6–10 weeks.

Talk to an integration engineer

We put the rapid in RapidDev

Need a dedicated strategic tech and growth partner? Discover what RapidDev can do for your business! Book a call with our team to schedule a free, no-obligation consultation. We'll discuss your project and provide a custom quote at no cost.