How to Get a Gemini API Key — and Connect It to Your Product

February 20, 2026

Updated May 2026

Gemini is Google's family of large language models, available via Google AI Studio and Google Cloud (Vertex AI).

If you want to use Gemini inside a SaaS product, an internal AI tool, an AI agent with tool-calling, or a multi-model GenAI system, you'll need a Gemini API key.

This guide covers:

1. Creating a Gemini API key in Google AI Studio
2. Restricting and securing your key
3. Testing your first request
4. Connecting Gemini to Unified's Generative AI API
5. Enabling Gemini tool-calling via [Unified MCP](/mcp)

Step 1: Access Google AI Studio

Go to https://aistudio.google.com and sign in with your Google account.

On first access you'll need to:

• Accept Google's Generative AI terms of service
• Confirm region availability (the Gemini API is not available in every country)
• Acknowledge data usage and privacy policies

AI Studio is the fastest path to a working key and is appropriate for most production workloads. The Vertex AI path (Google Cloud) is the right choice if you need GCP IAM, regional endpoints, audit logs, or VPC controls — see the Vertex AI section below.

Step 2: Navigate to API Keys

In the left sidebar, click Get API key, or go directly to aistudio.google.com/app/apikey.

The interface shows:

• Your existing API keys and the Google Cloud project each is tied to
• Usage statistics per key
• Buttons to create new keys or delete old ones

Each Gemini API key is tied to a Google Cloud project. If you're new, Google may auto-create a default project, or you can create or import one manually.

Step 3: Create Your API Key

Click Create API key. You'll see two options:

Create key in new project — AI Studio creates a Google Cloud project automatically. Zero configuration, fastest path. Best for prototyping.

Create key in existing project — Pick a project you have access to. Required if you want to integrate with other GCP services or if your org's billing is consolidated under one project.

Pick one and click Create API key.

Step 4: Copy and Store Your Key

The key appears immediately and starts with AIza followed by alphanumeric characters:

AIza...

Unlike OpenAI and Anthropic — which show keys only once — Google lets you view this key again later from the AI Studio dashboard. That's a usability difference, not a reason to treat it less carefully. Treat it like a password from the moment it appears.

Store it as an environment variable:

export GEMINI_API_KEY="AIza..."

The official Google Gen AI SDKs (Python, Node, Go, Java) automatically read GEMINI_API_KEY. They will also read GOOGLE_API_KEY if set — if both are present, GOOGLE_API_KEY takes precedence.

For production: use Google Secret Manager or another secrets manager. Never commit keys to Git, embed them in frontend code, or paste them into Slack or shared docs.

Step 5: Restrict Your API Key

This step is required, not optional.

Starting June 19, 2026 — less than 30 days from now — Google will block Gemini API calls made with keys that do not have API-level restrictions configured. Keys still set to "any API" will stop working with Gemini endpoints after that date. Requests will return authentication errors until the key is restricted or replaced.

This change targets legacy Google Cloud API keys that silently gained Gemini access when teams enabled the Generative Language API on existing projects. Exposed unrestricted keys have been used to drive five-figure Gemini bills in hours.

Minimum action required before June 19:

In Google Cloud Console → APIs & Services → Credentials, edit each key that should call Gemini and set API restrictions → Restrict key → Generative Language API only. This is the minimum change required to remain compliant after the cutoff.

Recommended additional actions:

• IP restrictions: for server-side use, restrict the key to the specific backend IPs or IP ranges that will call Gemini
• Rotate compromised keys: any key that has ever been used in client-side JavaScript, mobile apps, or public repos should be rotated and replaced with a locked-down server-side key
• Delete unused keys: audit all keys in the project and delete any that are no longer needed

Keys that already have API restrictions set to the Generative Language API are compliant and will continue to work after June 19. IP restrictions are not required by the June 19 deadline but are strongly recommended for production.

Step 6: Test Your API Key

curl "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.5-flash:generateContent" \
  -H "x-goog-api-key: $GEMINI_API_KEY" \
  -H "Content-Type: application/json" \
  -X POST \
  -d '{
    "contents": [{
      "parts": [{
        "text": "Explain how AI works in a few words."
      }]
    }]
  }'

Two things to note:

Use the x-goog-api-key header, not ?key= query parameter. Google's current security guidance explicitly recommends the header form. Query parameters expose keys in URLs, server logs, and intermediary tooling. Older guides showing ?key=YOUR_API_KEY reflect a legacy pattern — don't copy it into new code.

The endpoint uses v1beta****. Both v1 and v1beta exist, but most current model features land in v1beta first. It's stable in practice.

A successful response returns a candidates array containing the generated text.

Which Gemini Model Should You Use?

Current model lineup as of May 2026, with pricing per million tokens:

Recommended default for new integrations: gemini-3.5-flash — GA, fast, cost-effective, multimodal.

Models to migrate away from immediately:

• gemini-2.0-flash, gemini-2.0-flash-001, gemini-2.0-flash-lite, gemini-2.0-flash-lite-001 — all shut down June 1, 2026
• gemini-pro, gemini-pro-vision — retired, return 404
• All gemini-1.0-* and gemini-1.5-* models — retired

If you have code targeting any of these, migrate to gemini-2.5-flash or gemini-3.5-flash before June 1.

Is the Gemini API Free?

Yes, with limits. Google AI Studio offers a free tier — no billing setup required to get started.

Free tier limits as of Q2 2026 (check your AI Studio dashboard for current limits — Google publishes them there rather than on a static docs page because the numbers change):

RPD limit applies to grounded-search calls only on paid tiers; standard generation calls are not RPD-capped at Tier 1+.

Gemini 2.5 Flash follows the same Tier 1–3 structure on paid plans. To move from Free to Tier 1: enable Cloud Billing on the project linked to your key. To request higher limits beyond defaults: submit a quota increase request in Cloud Console.

Google reduced free tier limits significantly in late 2025. Older guides showing 60 RPM or 1M tokens per month are stale.

Some Gemini 3.x models have a free tier — gemini-3.5-flash and gemini-3-flash-preview are both free tier eligible. The Pro and image generation variants (gemini-3.1-pro-preview, gemini-3.1-flash-image-preview) are paid tier only.

Gemini API Key Format

Gemini API keys all start with AIza followed by a long alphanumeric string. This is Google's standard API key format used across many Google APIs, not just Gemini. If your key doesn't start with AIza, it isn't a Gemini API key.

Security Best Practices

• Restrict every key — as of June 19, 2026, unrestricted keys won't work with Gemini. Set API restrictions to Generative Language API only, and add IP restrictions for server-side use.
• Use separate keys per environment — dev, staging, and prod should never share a key.
• Rotate quarterly — not just when you suspect a leak.
• Set hard quotas — a runaway loop hitting a free key is annoying; a runaway loop hitting a paid key with no cap is expensive.
• Never expose keys in frontend code — a key in a React bundle is a key in the wild.
• Use service accounts for Vertex AI — if you're on Vertex AI, service accounts are more secure than API keys for production servers.
• Monitor usage daily — in Cloud Console, watch for unexpected spikes at unusual hours.

How Gemini API Keys Compare to Other LLM Providers

If you're integrating more than one model provider, auth patterns, endpoint structures, and environment variable conventions differ enough to cause friction. Here's how the providers Unified's Generative AI API supports compare:

Three patterns worth noting before you build:

• Gemini is the most different — x-goog-api-key header instead of Authorization: Bearer, a contents/parts request shape instead of a messages array, and no OpenAI SDK compatibility. Migrating to or from Gemini requires more than a base URL swap.
• Anthropic also uses a non-standard auth header — x-api-key instead of Authorization: Bearer. Two lines change when migrating from OpenAI to Anthropic.
• Groq, DeepSeek, and Grok are the easiest OpenAI migrations — swap base URL and key, keep the rest of your code.

When to Move to Vertex AI

You should migrate from AI Studio to Vertex AI (Google Cloud) when:

• You need IAM-controlled access — service accounts, IAM roles, audit logs
• You need regional endpoints for data residency requirements
• Your security team requires VPC Service Controls
• You want consolidated GCP billing across all Google services
• You're using fine-tuning, custom model serving, or batch prediction

You don't need Vertex AI just because you're going to production. A standard AI Studio API key with restrictions and a budget cap is sufficient for most production workloads.

Note: AI Studio API keys and Vertex AI use different authentication mechanisms. AI Studio keys start with AIza; Vertex AI uses Google Cloud service accounts and OAuth tokens. They are not interchangeable.

Using Gemini in a Multi-Model Architecture

Most AI-native SaaS teams don't rely on a single provider long term. Common reasons: cost optimization, fallback when one provider degrades, model specialization, enterprise procurement requirements.

Instead of building separate integrations for Gemini, OpenAI, Anthropic, Groq, and Cohere, you can integrate once against Unified's Generative AI API.

Build once across LLM providers

Unified's Generative AI API standardizes three core objects across providers — including Gemini:

Model — id, max_tokens, temperature support

Prompt — model_id, messages, temperature, max_tokens, responses, tokens_used

Embedding — model_id, content, dimension, embeddings, tokens_used

This allows you to:

• Switch between Gemini and other providers without rewriting integration code
• Run the same prompt across providers and compare outputs
• Route requests dynamically based on cost or availability
• Generate embeddings consistently across providers

Your product logic stays stable. Provider differences are abstracted at the integration layer.

Let Gemini take action via Unified MCP

Text generation is one layer. Production AI features require structured, authorized reads and writes against customer SaaS platforms — listing CRM deals, retrieving candidates, fetching files, updating records, writing notes.

Unified's MCP server connects Gemini to customer integrations through tool-calling.

Gemini uses function_declarations for tool calling. The format is consistent across Gemini 2.5 and 3.x models:

"tools": [
  {
    "function_declarations": [
      {
        "name": "list_candidates",
        "description": "List candidates from the ATS",
        "parameters": {
          "type": "object",
          "properties": {
            "limit": {"type": "integer"}
          },
          "required": ["limit"]
        }
      }
    ]
  }
]

High-level flow:

1. Fetch tools in Gemini format: GET /tools?type=gemini
2. Provide tools to the Gemini API call
3. Gemini returns a functionCall object nested inside candidates[].content.parts[]:

{
  "candidates": [
    {
      "content": {
        "parts": [
          {
            "functionCall": {
              "name": "list_candidates",
              "args": {
                "limit": "100"
              }
            }
          }
        ]
      }
    }
  ]
}

Note the camelCase functionCall — Gemini's REST API uses camelCase throughout. A snake_case function_call field will not be recognized.

1. Call Unified: POST /tools/{id}/call
2. Return the tool result back to Gemini

MCP URLs (regional):

• https://mcp-api.unified.to/mcp
• https://mcp-api-eu.unified.to/mcp

MCP safety controls:

• hide_sensitive=true — removes PII fields from tool results
• permissions=... — restricts what the connection can do
• tools=... — limits the tool set to reduce model overload
• Regional endpoints (US/EU/AU)

LLMs have tool limits. Scoping is not optional — it's required for stable deployments.

Troubleshooting Common Errors

"API key not valid. Please pass a valid API key." The key is wrong, deleted, or the Generative Language API isn't enabled on the linked GCP project. Check the key for trailing whitespace, verify the API is enabled under APIs & Services → Enabled APIs, and confirm the key has API restrictions set to include the Generative Language API. In Vite, env vars must start with VITE_; in Create React App, REACT_APP_. Restart your dev server after changing .env.

401 — "API keys are not supported by this API" You're hitting a Vertex AI endpoint that requires OAuth2 or Application Default Credentials, not an AI Studio API key. Check that GOOGLE_GENAI_USE_VERTEXAI is not set if you intend to use the standard Gemini API. For Vertex AI, authenticate with gcloud auth application-default login or a service account.

404 NOT_FOUND: models/{model_name} is not found You're calling a retired or non-existent model. The most common cause: code still targeting gemini-pro, gemini-pro-vision, any gemini-1.0-* or gemini-1.5-* string, or the gemini-2.0-flash family (retiring June 1, 2026). Migrate to gemini-2.5-flash or gemini-3.5-flash.

429 RESOURCE_EXHAUSTED You've hit a quota. Free tier is approximately 10 RPM / 500 RPD on Gemini 2.5 Flash. Either wait and retry with exponential backoff, enable billing on the linked GCP project, or check the AI Studio dashboard for your current limits.

400 INVALID_ARGUMENT The request shape is wrong. Most common cause: copy-pasted an OpenAI-style messages array instead of Gemini's contents array of {role, parts} objects.

403 PERMISSION_DENIED Your API key doesn't have permission to access the requested model, or the key's API restrictions don't include the Generative Language API. Verify restrictions in Google Cloud Console → APIs & Services → Credentials.

Calls failing after June 19, 2026 If you're seeing auth errors that weren't happening before, your key likely lacks API restrictions and was blocked by Google's unrestricted key deprecation. Add API restrictions in Google Cloud Console, or generate a new restricted key.

Geographic / regional access errors The Gemini API is unavailable in a handful of countries. Check Google's available regions list. VPNs are not a supported workaround for production.

FAQ

Where do I find my Gemini API key? At aistudio.google.com/app/apikey. Unlike OpenAI and Anthropic, Google lets you view the key value again from the dashboard — it isn't shown only once.

How do I get a Gemini API key for free? Sign in to AI Studio at aistudio.google.com, accept the terms, and click Create API key. Free tier rate limits apply. No credit card required to start.

Is the Gemini API free? There is a free tier with limited rate limits — approximately 10 RPM and 500 requests per day on Gemini 2.5 Flash as of Q2 2026. The Gemini 3.x preview models are paid tier only. Free tier limits were significantly reduced in late 2025; check your AI Studio dashboard for current numbers.

What does a Gemini API key look like? A string starting with AIza followed by alphanumeric characters. This is Google's standard API key format used across many Google APIs.

What is the June 19, 2026 unrestricted key change? Starting June 19, 2026, Google will block Gemini API calls from keys that don't have API-level restrictions configured. Keys set to "any API" will stop working with Gemini. The fix is to add API restrictions (Generative Language API only) to each affected key in Google Cloud Console. Keys that already have API restrictions are not affected.

What's the difference between Google AI Studio and Vertex AI? AI Studio is the developer-friendly path: sign in with a Google account, get a key, start building. Vertex AI is the enterprise path: GCP IAM, regional endpoints, audit logs, VPC controls. Same underlying models, different access and authentication models. AI Studio keys don't work with Vertex AI endpoints.

Why does the API endpoint say v1beta****? Google's Gemini API has used v1beta as the primary versioned path for most current model features. It's stable in practice. Use v1beta for new integrations.

Can I use the OpenAI SDK with Gemini? Not directly. Gemini uses x-goog-api-key for authentication and a contents array of {role, parts} objects for requests — both differ from OpenAI's format. You need Google's Gen AI SDK or the raw REST API.

How do I set the GEMINI_API_KEY environment variable in Python?

export GEMINI_API_KEY="AIza..."

Then in Python:

from google import genai
client = genai.Client()  # picks up GEMINI_API_KEY from env
response = client.models.generate_content(
    model="gemini-2.5-flash",
    contents="Explain how AI works in a few words."
)
print(response.text)

What happened to gemini-pro****? Retired — calls to gemini-pro and gemini-pro-vision return 404. All Gemini 1.0 and 1.5 models are also retired. Migrate to gemini-2.5-flash or gemini-3.5-flash.

What's the difference between gemini-2.5-flash and gemini-3.5-flash****?gemini-2.5-flash is the stable free-tier-eligible model, retiring October 16, 2026. gemini-3.5-flash is the current GA flagship — faster, more capable, paid tier only at $1.50/$9.00 per million tokens. For new integrations, start with gemini-3.5-flash.

Key takeaway

Calling Gemini directly is straightforward. Building multi-model routing, embedding pipelines, agent-based actions, and enterprise-grade SaaS integrations requires infrastructure.

Unified was built for AI-native SaaS teams that need:

• Real-time data access
• Unified pass-through architecture
• Zero storage of customer data
• Usage-based pricing aligned with API volume
• MCP-compatible integration across 450+ integrations

Gemini generates reasoning. Unified connects that reasoning to structured SaaS data and authorized actions.

→ Start your 30-day free trial

→ Book a demo