Skip to content

gptel-bedrock: AWS_BEARER_TOKEN_BEDROCK support #1007

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

gptel-bedrock: AWS_BEARER_TOKEN_BEDROCK support #1007

wants to merge 1 commit into from

Conversation

leezu
Copy link
Contributor

@leezu leezu commented Aug 7, 2025
edited
Loading

AWS has introduced Bearer token based authentication for Bedrock https://docs.aws.amazon.com/bedrock/latest/userguide/api-keys.html Bearer token based authentication only requires the Authorization: Bearer header and does not need the sigv4 signing and thus removes the current dependency of the Bedrock backend on curl >= 8.9.

@leezu leezu force-pushed the AWS_BEARER_TOKEN_BEDROCK branch from 99fbf56 to 2b42f27 Compare August 7, 2025 13:23
@leezu leezu force-pushed the AWS_BEARER_TOKEN_BEDROCK branch from 2b42f27 to 7dff54e Compare August 7, 2025 13:26
@karthink
Copy link
Owner

karthink commented Aug 7, 2025

Thanks for the PR @leezu. Is this a duplicate of #983?

@karthink karthink added bedrock waiting Waiting for a response from another party. labels Aug 7, 2025
@leezu
Copy link
Contributor Author

leezu commented Aug 7, 2025

@karthink they are similar. This PR adds support for the AWS_BEARER_TOKEN_BEDROCK environment variable which is the standard environment variable name for Bedrock https://docs.aws.amazon.com/bedrock/latest/userguide/api-keys-use.html #983 adds support for passing the key as an argument in elisp. Ideally we should support both ways to specify the key.

The other difference between the PRs is that #983 uses :header argument to pass the token AND modifies the gptel-bedrock--curl-args to remove the other arguments if bearer token is present, whereas this PR handles both inside gptel-bedrock--curl-args. I think handling both in gptel-bedrock--curl-args is cleaner.

@leezu
Copy link
Contributor Author

leezu commented Aug 7, 2025
edited
Loading

Also FYI, Bedrock now supports an OpenAI compatible endpoint (at least for the gpt-oss models): https://aws.amazon.com/blogs/aws/openai-open-weight-models-now-available-on-aws/

(gptel-make-openai "Bedrock-OpenAI"
    :host "bedrock-runtime.us-west-2.amazonaws.com"
    :protocol "https"
    :key "REDACTED"
    :endpoint "/openai/v1/chat/completions"
    :stream nil
    :models '((openai.gpt-oss-20b-1:0 :capabilities (reasoning))
              (openai.gpt-oss-120b-1:0 :capabilities (reasoning))))

Additional patches are required for the reasoning support with GPT-OSS as it uses <reasoning> </reasoning> tags instead of the currently supported <think> </think>.

@karthink
Copy link
Owner

karthink commented Aug 7, 2025 via email

@leezu
Copy link
Contributor Author

leezu commented Aug 8, 2025

Thanks, @karthink. It's not really a design change but simply adjustment to support the new API key functionality. It became available only last month: https://aws.amazon.com/blogs/machine-learning/accelerate-ai-development-with-amazon-bedrock-api-keys/

@karthink karthink mentioned this pull request Aug 22, 2025
Closed
@akssri akssri mentioned this pull request Aug 30, 2025
Merged
@akssri
Copy link
Contributor

akssri commented Aug 30, 2025

(Moved to #1053)

@karthink
Copy link
Owner

Closing in favor of #1053.

@karthink karthink closed this Sep 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bedrock waiting Waiting for a response from another party.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@leezu @karthink @akssri