From 487debe525fa20c7bbfb3393ce455fbbae1aab3f Mon Sep 17 00:00:00 2001 From: Werner Robitza Date: Tue, 22 Jul 2025 23:10:13 +0200 Subject: [PATCH] add notes on API keys and .gemini/.env to authentication.md (#2004) Co-authored-by: Scott Densmore Co-authored-by: Sandy Tao --- docs/cli/authentication.md | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/docs/cli/authentication.md b/docs/cli/authentication.md index 03fa73e1..8e534d0b 100644 --- a/docs/cli/authentication.md +++ b/docs/cli/authentication.md @@ -33,12 +33,17 @@ The Gemini CLI requires you to authenticate with Google's AI services. On initia ```bash export GEMINI_API_KEY="YOUR_GEMINI_API_KEY" ``` - - For repeated use, you can add the environment variable to your [.env file](#persisting-environment-variables-with-env-files) or your shell's configuration file (like `~/.bashrc`, `~/.zshrc`, or `~/.profile`). For example, the following command adds the environment variable to a `~/.bashrc` file: + - For repeated use, you can add the environment variable to your [.env file](#persisting-environment-variables-with-env-files). + + - Alternatively you can export the API key from your shell's configuration file (like `~/.bashrc`, `~/.zshrc`, or `~/.profile`). For example, the following command adds the environment variable to a `~/.bashrc` file: + ```bash echo 'export GEMINI_API_KEY="YOUR_GEMINI_API_KEY"' >> ~/.bashrc source ~/.bashrc ``` + :warning: Be advised that when you export your API key inside your shell configuration file, any other process executed from the shell can read it. + 3. **Vertex AI:** - Obtain your Google Cloud API key: [Get an API Key](https://cloud.google.com/vertex-ai/generative-ai/docs/start/api-keys?usertype=newuser) - Set the `GOOGLE_API_KEY` environment variable. In the following methods, replace `YOUR_GOOGLE_API_KEY` with your Vertex AI API key: @@ -63,17 +68,25 @@ The Gemini CLI requires you to authenticate with Google's AI services. On initia export GOOGLE_CLOUD_PROJECT="YOUR_PROJECT_ID" export GOOGLE_CLOUD_LOCATION="YOUR_PROJECT_LOCATION" # e.g., us-central1 ``` - - For repeated use, you can add the environment variables to your [.env file](#persisting-environment-variables-with-env-files) or your shell's configuration file (like `~/.bashrc`, `~/.zshrc`, or `~/.profile`). For example, the following commands add the environment variables to a `~/.bashrc` file: + - For repeated use, you can add the environment variables to your [.env file](#persisting-environment-variables-with-env-files) + + - Alternatively you can export the environment variables from your shell's configuration file (like `~/.bashrc`, `~/.zshrc`, or `~/.profile`). For example, the following commands add the environment variables to a `~/.bashrc` file: + ```bash echo 'export GOOGLE_CLOUD_PROJECT="YOUR_PROJECT_ID"' >> ~/.bashrc echo 'export GOOGLE_CLOUD_LOCATION="YOUR_PROJECT_LOCATION"' >> ~/.bashrc source ~/.bashrc ``` + + :warning: Be advised that when you export your API key inside your shell configuration file, any other process executed from the shell can read it. + 4. **Cloud Shell:** - This option is only available when running in a Google Cloud Shell environment. - It automatically uses the credentials of the logged-in user in the Cloud Shell environment. - This is the default authentication method when running in Cloud Shell and no other method is configured. + :warning: Be advised that when you export your API key inside your shell configuration file, any other process executed from the shell can read it. + ### Persisting Environment Variables with `.env` Files You can create a **`.gemini/.env`** file in your project directory or in your home directory. Creating a plain **`.env`** file also works, but `.gemini/.env` is recommended to keep Gemini variables isolated from other tools.