How to get a Google Gemini API key

Google's Gemini API has the friendliest free tier of any major provider, and the gnarliest auth model. The "easy path" through Google AI Studio is fine for prototypes; for production you'll want to graduate to Vertex AI or at least understand the difference.

The two-minute path: Google AI Studio

Open aistudio.google.com/app/apikey. Click Create API key. Pick a Cloud project (or let it create a new one). Copy the AIza… key. That's it.

The free tier on this key gives you small but real RPM and TPM caps on Flash. Plenty for a weekend project. As soon as you ship to anyone real, link a billing account from console.cloud.google.com — same key, suddenly the rate limits are 10–100× higher.

Restrict the key

An AIza... key is a generic Google API key. By default it can call any Google API your project has enabled. Don't leave it that wide. From console.cloud.google.com → APIs & Services → Credentials, click your key and under API restrictions select Restrict key, then enable only the Generative Language API. Set Application restrictions to HTTP referrers for browser keys or IP addresses for server keys.

Verify it works

Paste the key into the Gemini tester. The validator hits the ?key=… models list, prints which Gemini variants you have access to, and times the call. If you're outside us-central1 you'll see ~200ms of extra latency.

Vertex AI is the production answer

For real production traffic, switch from API keys to Vertex AI. It runs the same models, but auth is Google Cloud — service accounts, ADC, IAM roles. You get regional endpoints, VPC controls, audit logs, and the rate limits scale with your GCP quota. The Gemini SDK automatically handles the auth swap; the only code change is the constructor.

What to do next

Read the security guide and consider other free tiers if you're just exploring.