To use the Gemini API, you need an API key.
You can create a key with one click in Google AI Studio.
Get an API key
Verify your API key with a curl command
You can use a curl command to verify your setup.
You can pass the API key either in the URL:
API_KEY="
YOUR_API_KEY
"
curl -H 'Content-Type: application/json' \
-d '{"contents":[
{"role": "user",
"parts":[{"text": "Give me five subcategories of jazz?"}]}]}' \
"https://generativelanguage.googleapis.com/v1/models/gemini-pro:generateContent?key=${API_KEY}"
Or in the
x-goog-api-key
header:
API_KEY="
YOUR_API_KEY
"
curl -H 'Content-Type: application/json' \
-H "x-goog-api-key: ${API_KEY}" \
-d '{"contents":[
{"role": "user",
"parts":[{"text": "Give me five subcategories of jazz?"}]}]}' \
"https://generativelanguage.googleapis.com/v1/models/gemini-pro:generateContent"
Keep your API key secure
It's important to keep your Gemini API key secure. Here are a few things to keep
in mind when using your Gemini API key:
The Google AI Gemini API uses API keys for authorization. If others get access
to your Gemini API key, they can make calls using your project's quota,
which could result in lost quota or additional billing charges (if billing is
enabled). API keys also guard access to tuned models and files.
When you click
Get API key
in Google AI Studio, you choose whether to
provision a Gemini API key in a new or existing Google Cloud project. The
API keys list in Google AI Studio
shows all the API keys that AI Studio has provisioned for use with the Google
AI Gemini API (along with all their associated Google Cloud projects).
- However,
any
API keys within the Google Cloud project can potentially be
used to call the Google AI Gemini API. You can view and manage all your
project's API keys in the
APIs & Services > Credentials panel
in the Google Cloud console.
Adding
API key restrictions
can help limit the surface area usable through each API key. By default, the
Gemini API key generated by Google AI Studio can only be used with the Google AI
Gemini API (officially called the "Generative Language API" or
generativelanguage.googleapis.com
).
- If there are any API keys within your Google Cloud project that lack API
restrictions or any API keys that have allowlisted the Generative Language
API, then those keys can be used with the Google AI Gemini API. It's best
practice to restrict each API key to only the APIs that you call using that
key.
- Note that even with API key restrictions, if a malicious actor obtains your
API key, they can use it to make calls using your project's quota for all
the APIs allowlisted for that API key.
You're responsible for keeping your Gemini API key secure.
- Do NOT check Gemini API keys into source control.
- Client-side applications (Android, Swift, web, and Dart/Flutter) risk
exposing API keys, so we do not recommend using the Google AI client SDKs
in production apps to call the Google AI Gemini API directly from your
mobile and web apps. Check out the
SDK quickstarts
to learn
language-specific best practices for securing your API key.
For some general best practices, you can also review this
support article
.
Next steps
- Check out the
API quickstarts
to learn best practices
for securing your API key and using it.