
How to Generate Gemini API Key for Free in 2025 (5 Easy Steps)
If you want to use Google’s Gemini AI, you need a Gemini API Key.
It’s like a password that lets your apps talk to the AI models.
Getting a key is easy. You can start for free and test the AI without paying anything.
In this guide, you will learn how to generate your Gemini API Key step by step. You will also see how to use it safely and avoid common mistakes.
So, let's get started!
What is a Gemini API Key?
A Gemini API Key is a unique code that lets you access Google’s Gemini AI models. You need it whenever you send requests from your app or code.
It works like an ID. Google knows that requests with your key come from you. Without it, you cannot use the AI models.
The key works for different AI tasks. You can generate text, create images, or use other features that Gemini offers. The free tier gives limited access, but it is enough to explore and test the AI.
How to Generate Gemini API Key – 5 Easy Steps for Beginners

Generating a Gemini API Key is simple. You can do it in a few clicks. Follow these steps to get your key quickly.
- Sign in to Google AI Studio
- Navigate to the API Keys section
- Create a new project or select an existing one
- Click “Create API Key”
- Copy your API key and save it securely
Once you have your key, you can start using Gemini AI in your apps or experiments right away. Keep it safe and don’t share it publicly.
Now, let's get into the details!
1. Sign in to Google AI Studio
The first step is to open Google AI Studio. Use your Google account to sign in. If you don’t have one, you will need to create it.
If this is your first time visiting Google AI Studio, a pop-up will appear asking you to accept the Terms of Service for Generative AI. This is a mandatory, quick legal step. Read them over and click “Accept” or “Continue” to proceed to the main dashboard.
Click on the Get started option to log in or sign up.

Once you are signed in, you will see the main dashboard. This is where you manage projects and API keys. Being logged in with your account is necessary. Google uses it to link your API key to you.
2. Navigate to the API Keys Section
After signing in, look for the API Keys option in the dashboard. Click the ‘Get API Key’ option and you will see any existing keys you have.
This is also where you can create new keys. The API Keys section keeps all your keys organized in one place.

3. Create a New Project or Select an Existing One
On the API Key management page, you will see a prominent button that says “Create API Key.”

Before you can generate a Gemini API Key, you need a project in Google AI Studio. Click the ‘Create API Key’ button and you'll have two options:
- Select an existing project if you already have one. This keeps everything in the same place.
- Create a new project if you want to start fresh. Click “New Project” and give it a name that is easy to remember.

If you are a beginner and have never created a project before, click ‘+ Create project’ and a new interface will pop up.
Give your project a name and hit the ‘Create project’ button.

If your project is created successfully, it will appear in the drop-down list.

4. Create a Gemini API Key
Now select the project name from the drop-down list and give your API key a name. Then hit the ‘Create Key’ button.

After clicking the button, Google will instantly generate a new key for your project. The key is a long string of letters, numbers, and symbols.
This key is what your apps or scripts use to access Gemini AI. It tells Google which account and project are making the requests. Without it, your app cannot communicate with the AI models.
5. Copy Your API Key and Save It Securely
After creating your API key, you will see it displayed on the screen. It looks like a long mix of letters, numbers, and symbols. This key is unique to your account and project.

Copy it immediately and store it somewhere safe. You can save it in a password manager, a secure document, or as an environment variable on your computer. Treat it like a password because anyone with this key can access your Gemini AI account.
Do not share it publicly. Avoid posting it on forums, GitHub, or social media. If the key is exposed, someone else could use your free tier or cause unexpected charges.
For extra safety, Google allows you to restrict your API key. You can limit it to certain IP addresses, apps, or projects. This adds a layer of security so only your apps can use it.
Once your key is safely stored, you are ready to start using Gemini AI in your apps, scripts, or experiments.
Security Best Practice: How to Protect Your Gemini API Key

Once you have your unique key, the next and most critical step is ensuring it never falls into the wrong hands. A compromised API key can lead to unauthorized usage and unexpected billing charges.
Follow these best practices to keep your credentials safe.
A. The Danger of Hardcoding
Hardcoding means embedding the key directly within your application code, like this:
const apiKey = "AIzaSyB-Your-Key-Should-Not-Be-Here";
// ... code continues
This is the number one security risk. If you hardcode the key:
- Public Exposure: If you ever upload your code to a public repository (like GitHub), the key is instantly exposed to the world.
- Client-Side Leakage: In client-side environments (like pure JavaScript in a browser or a mobile app), the code can be easily viewed and the key extracted by anyone using the application.
The Golden Rule: Never commit your API key to any version control system (Git) or expose it on the client side.
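A check that catches the hardcoding mistake before it reaches a repository, as an added example that is not part of the original guide: it scans source text for strings shaped like a Google API key and reports the file and line with the key redacted. The key shape (`AIza` followed by 35 URL-safe characters) is an assumption, and `scanSource`, `scanAll` and the sample files are constructed for illustration.

```javascript
// Added example: find hardcoded Google-style API keys in source text.
// Assumption: a key is "AIza" followed by 35 URL-safe characters.
const KEY_PATTERN = /AIza[0-9A-Za-z_-]{35}/g;

// Show only a short prefix so the report itself does not leak the key.
function redact(key) {
  return `${key.slice(0, 6)}... (${key.length} chars)`;
}

// Return one finding per match: file name, 1-based line number, redacted key.
function scanSource(fileName, text) {
  const findings = [];
  text.split(/\r?\n/).forEach((line, index) => {
    for (const match of line.matchAll(KEY_PATTERN)) {
      findings.push({ file: fileName, line: index + 1, key: redact(match[0]) });
    }
  });
  return findings;
}

// Scan a map of { fileName: contents } and collect every finding.
function scanAll(files) {
  return Object.entries(files).flatMap(([name, text]) => scanSource(name, text));
}

// Constructed sample input. FAKE_KEY is a made-up placeholder, not a real key.
const FAKE_KEY = "AIza" + "x".repeat(35);
const SAMPLE_FILES = {
  "bad.js": `console.log("starting");\nconst apiKey = "${FAKE_KEY}";`,
  "good.js": "const apiKey = process.env.GEMINI_API_KEY;",
};

for (const f of scanAll(SAMPLE_FILES)) {
  console.log(`${f.file}:${f.line}: possible hardcoded API key ${f.key}`);
}
```

Run over staged files in a pre-commit hook, a non-empty result is the signal to block the commit and move the key into an environment variable.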
B. The Solution: Environment Variables (Recommended)
The most secure way to handle your API key in a development environment is by using environment variables. This keeps the key external to your source code, so you can share your code without sharing your secret key.
Many of the Gemini SDKs (like Python and Node.js) are designed to automatically look for the GEMINI_API_KEY variable.
1. How to Set GEMINI_API_KEY on macOS/Linux (Bash/Zsh)
You set the variable within your shell's profile file (e.g., ~/.zshrc or ~/.bashrc) to make it persistent across terminal sessions.
- Open your shell configuration file:
# For Zsh (default on newer macOS):
nano ~/.zshrc
# For Bash (common on older Linux/macOS):
nano ~/.bashrc
- Add the export command to the end of the file:
export GEMINI_API_KEY="AIzaSyB-Your-Actual-Key-Goes-Here"
- Save the file and apply the changes by running:
source ~/.zshrc # or source ~/.bashrc
2. How to Set GEMINI_API_KEY on Windows
- Search for “Environment Variables” in the Windows search bar and select “Edit the system environment variables.”
- In the System Properties dialog, click the “Environment Variables…” button.
- Under “User variables” (for your account only), click “New…”.
- Set the Variable name to GEMINI_API_KEY.
- Set the Variable value to your actual Gemini API key.
- Click OK on all dialogs and open a new Command Prompt or PowerShell window to make the variable available.
C. Advanced Tip: API Key Restrictions
For production applications, you should restrict your API key usage to minimize damage if the key is ever leaked. You do this in Google AI Studio or the Google Cloud Console.
- API Restrictions: By default, your key is restricted to the Generative Language API (which powers Gemini). You should ensure this is the only API it can call.
- Client Restrictions (Optional but Recommended): Limit where the key can be used:
  - HTTP Referrers: If the key is used on a website, you can limit it only to your domain (e.g., *.yourdomain.com/*).
  - IP Addresses: If the key is used from a server, you can restrict it to the static IP address of that server.
  - Mobile Apps: For native Android/iOS apps, you can restrict it by the application ID and signing certificate hash.
Pro Tip: Use a Server-Side Proxy
If you are building a front-end website (like a React or Vue app) that needs to use the key, the most secure method is to route all API calls through your own backend server. The key is stored securely on the server as an environment variable, and the front-end only communicates with your secure endpoint, never touching the Gemini API key itself.
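The handler logic for such a proxy endpoint, as an added example that is not part of the original guide: the browser sends only a prompt, and the server adds the key from its environment and returns only the generated text. The route name, the prompt size cap, the function names and the stubbed upstream response are assumptions made for illustration; mount `handleGenerate` behind whatever HTTP framework your backend uses.

```javascript
// Added example: handler logic for a hypothetical POST /api/generate route.
// Only this server-side code ever reads GEMINI_API_KEY.
const UPSTREAM =
  "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.5-flash:generateContent";
const MAX_PROMPT_CHARS = 2000; // assumed cap so one client cannot burn your quota

// Build the upstream request; the key goes in a header, never in the URL.
function buildUpstreamRequest(prompt, env = process.env) {
  const key = env.GEMINI_API_KEY;
  if (!key) throw new Error("GEMINI_API_KEY is not set"); // fail closed
  if (typeof prompt !== "string" || !prompt || prompt.length > MAX_PROMPT_CHARS) {
    throw new RangeError("prompt must be a non-empty string within the size cap");
  }
  const headers = { "Content-Type": "application/json", "x-goog-api-key": key };
  const body = JSON.stringify({ contents: [{ parts: [{ text: prompt }] }] });
  return { url: UPSTREAM, init: { method: "POST", headers, body } };
}

// Turn the browser's JSON body into the { status, body } to send back.
// Errors are generic on purpose: no key, upstream detail or stack trace leaks out.
async function handleGenerate(rawBody, env = process.env, fetchImpl = fetch) {
  let request;
  try {
    request = buildUpstreamRequest(JSON.parse(rawBody)?.prompt, env);
  } catch (err) {
    const bad = err instanceof RangeError || err instanceof SyntaxError;
    return { status: bad ? 400 : 500, body: { error: bad ? "invalid request" : "server error" } };
  }
  try {
    const upstream = await fetchImpl(request.url, request.init);
    if (!upstream.ok) throw new Error(`upstream status ${upstream.status}`);
    const data = await upstream.json();
    return { status: 200, body: { text: data.candidates?.[0]?.content?.parts?.[0]?.text ?? "" } };
  } catch {
    return { status: 502, body: { error: "upstream error" } };
  }
}

// Offline demo with a constructed key and a stub standing in for fetch.
const demoEnv = { GEMINI_API_KEY: "constructed-demo-key" };
const stubFetch = async () => ({
  ok: true,
  json: async () => ({ candidates: [{ content: { parts: [{ text: "Hello from the stub" }] } }] }),
});
handleGenerate('{"prompt":"Say hello"}', demoEnv, stubFetch).then((out) => console.log(out));
```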
How to Validate Your Newly Created Gemini API Key
Once you've securely saved your key as an environment variable, it's time to confirm that it's active and working correctly. This verification step ensures you can connect to the Gemini API before you start writing complex code.
A. Verification
The most straightforward way to verify your key is to run a simple API call. Since the key is now stored as the GEMINI_API_KEY environment variable on your system, you can use a command-line utility like cURL to make a direct HTTP request to the Generative Language API.
A successful response (HTTP status code 200) containing generated text confirms that:
- Your key is valid.
- Your connection to the Gemini API is functional.
- The specified model (gemini-2.5-flash) is accessible.
B. Test Command (using cURL)
Open a new terminal window or command prompt and execute the following command:
curl -X POST "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.5-flash:generateContent" \
  -H 'Content-Type: application/json' \
  -H "x-goog-api-key: ${GEMINI_API_KEY}" \
  -d '{
    "contents": [{
      "parts": [{
        "text": "What is the primary function of an API key?"
      }]
    }]
  }'
Expected Successful Output (abbreviated): If successful, you will receive a JSON response containing a text field with the model's answer:
{
  "candidates": [
    {
      "content": {
        "parts": [
          {
            "text": "The primary function of an API key is to authenticate and authorize a user or application when making requests to an API, allowing the provider to control access and manage usage."
          }
        ]
      }
    }
    // ...
  ]
}
If you receive an HTTP 400 or 403 error, carefully re-check that you correctly copied your key and set the environment variable as described in the previous section.
Gemini API Key – Free Tier and Pricing
The Gemini API offers a generous Free Tier designed specifically for developers, students, and hobbyists to learn, experiment, and prototype applications without requiring a credit card.
A. Free Tier Highlights and Limitations
The Free Tier provides substantial capacity for development, but it is not intended for high-traffic production use. Your access is governed by quotas, which are typically measured across three dimensions and vary by the specific model you call:
- Requests Per Minute (RPM): The number of API calls you can make in a 60-second window.
- Tokens Per Minute (TPM): The total number of tokens (input and output combined) processed in a 60-second window.
- Requests Per Day (RPD): The total number of requests allowed in a 24-hour period (resets at midnight Pacific Time).
For popular models used in prototyping, such as Gemini 2.5 Flash, the free tier limits are generous enough to handle significant development and testing:
Metric | Typical Free Tier Limit (e.g., Gemini 2.5 Flash) | Purpose |
---|---|---|
RPM | ~10 RPM | Ideal for low-frequency testing and single-user applications. |
TPM | ~250,000 TPM | Allows for large context windows and substantial data processing. |
RPD | ~250 RPD | Perfect for daily development and iterative testing. |
Important Note: If you exceed any of these limits, the API will return a rate limit error (e.g., HTTP 429). If you consistently hit these limits, you should enable billing to automatically move into the higher usage tiers.
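How client code can act on the status codes named in this guide (200, 400/403 and 429), as an added example that is not part of the original guide: it retries only on a rate-limit error, with bounded exponential backoff, and stops immediately on a key problem. The helper names, retry count and delays are assumptions, and the stub sender replays constructed statuses instead of calling the API.

```javascript
// Added example: react to the status codes this guide names.
// Hypothetical helpers; `send` is any function returning a fetch-style response.
function classifyStatus(status) {
  if (status === 200) return "ok";
  if (status === 400 || status === 403) return "check-key"; // re-check key and env var
  if (status === 429) return "rate-limited"; // an RPM, TPM or RPD quota was exceeded
  return "other";
}

const realSleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

// Retry only on 429, with exponential backoff. A key problem is never retried,
// and attempts are bounded so an exhausted daily quota (RPD) gives up cleanly.
async function callWithBackoff(send, opts = {}) {
  const { maxAttempts = 4, baseDelayMs = 1000, sleep = realSleep } = opts;
  const delays = [];
  for (let attempt = 1; attempt <= maxAttempts; attempt++) {
    const response = await send();
    const verdict = classifyStatus(response.status);
    const data = verdict === "ok" ? await response.json() : null;
    if (verdict !== "rate-limited" || attempt === maxAttempts) {
      return { verdict, attempts: attempt, delays, data };
    }
    const delay = baseDelayMs * 2 ** (attempt - 1); // 1s, 2s, 4s, ...
    delays.push(delay);
    await sleep(delay);
  }
}

// Constructed stub: replays a fixed list of statuses instead of calling the API.
function stubSender(statuses) {
  const queue = [...statuses];
  return async () => ({ status: queue.shift(), json: async () => ({ candidates: [] }) });
}

// Offline demo; sleep is replaced so the run finishes immediately.
async function demo() {
  const noWait = async () => {};
  const recovered = await callWithBackoff(stubSender([429, 429, 200]), { sleep: noWait });
  const badKey = await callWithBackoff(stubSender([403]), { sleep: noWait });
  const exhausted = await callWithBackoff(stubSender([429, 429, 429, 429]), { sleep: noWait });
  return { recovered, badKey, exhausted };
}
demo().then((results) => console.log(JSON.stringify(results, null, 2)));
```

In real use, `send` wraps the same request as the cURL test above, with the key read from `GEMINI_API_KEY`.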
B. When to Upgrade to Production (Vertex AI)
The Gemini Developer API (accessed via Google AI Studio and your API key) is the “fast path” for building. However, for serious, large-scale, or enterprise applications, the recommended step is to transition to the Vertex AI Gemini API.
Feature | Gemini Developer API (AI Studio) | Vertex AI Gemini API (Google Cloud) |
---|---|---|
Use Case | Prototyping, hobby projects, rapid development | Enterprise, mission-critical applications, large-scale deployment |
Authentication | Simple API Key | Identity and Access Management (IAM) service accounts |
Data Control | Data may be used for product improvement (in the Free Tier) | Enterprise-grade security, data residency, and compliance controls |
Scalability | Rate limits require billing configuration to increase | Designed for massive scale with guaranteed Service Level Agreements (SLAs) |
The decision is simple: If your application is moving beyond prototyping and needs guaranteed performance, advanced security, or compliance features, migrate to Vertex AI.
Start Using Your Gemini API Key Today
Generating a Gemini API Key is simple. You can create it in a few steps and start exploring Google’s AI models right away.
Keep your key safe and follow the security tips. Test it to make sure it works, and be aware of free tier limits to avoid issues.
Now that you have your key, you can start building apps, running experiments, or learning AI. Grab your Gemini API Key and start creating today!