top | item 47162273

(no title)

The Gemini API is not enabled by default, it has to be explicitly enabled for each project.

The problem here is that people create an API key for use X, then enable Gemini on the same project to do something else, not realizing that the old key now allows access to Gemini as well.

Takeaway: GCP projects are free and provide strong security boundaries, so use them liberally and never reuse them for anything public-facing.

discuss

rezonant|4 days ago

Imagine enabling Maps, deploying it on your website, and then enabling Google Drive API and that key immediately providing the ability to store or read files. It didn't work like that for any other service, why should it work that way for Gemini.

Also, for APIs with quotas you have to be careful not to use multiple GCP projects for a single logical application, since those quotas are tracked per application, not per account. It is definitely not Google's intent that you should have one GCP project per service within a single logical application.

edoceo|3 days ago

Really? I make multiple GCP projects per app. One project for the (eg) Maps API, one for Drive, one for Mail, one for $THING. Internal corp-services might have one project with a few APIs enabled - but for the client-app that we sell, there are many projects with one or two APIs enabled only.

chrisjj|3 days ago

> It didn't work like that for any other service, why should it work that way for Gemini.

Artifical Intelligence service design and lack of human intelligence are highly correlated. Who'd have guessed??

refulgentis|4 days ago

I’m usually client side dev, and am an ex googler and very curious how this happened.

I can somewhat follow this line of thinking, it’s pretty intentional and clear what you’re doing when you flip on APIs in the Google cloud site.

But I can’t wrap my mind around what is an API key. All the Google cloud stuff I’ve done the last couple years involves a lot of security stuff and permissions (namely, using Gemini, of all things. The irony…).

Somewhat infamously, there’s a separate Gemini API specifically to get the easy API key based experience. I don’t understand how the concept of an easy API key leaked into Google Cloud, especially if it is coupled to Gemini access. Why not use that to make the easy dev experience? This must be some sort of overlooked fuckup. You’d either ship this and API keys for Gemini, or neither. Doing it and not using it for an easier dev experience is a head scratcher.

StilesCrisis|3 days ago

They started off behind, and have been scrambling to catch up. This means they didn't get the extra year of design-doc hell before shipping, so mistakes were made.

liveoneggs|3 days ago

they auto-create projects and api keys: gen-lang-client-12345

app-scripts creates projects as well but maps just generates api keys in the current project

--- Get Started on Google Maps Platform You're all set to develop! Here's the API key you would need for your implementation. API key can be referenced in the Credentials section.

tempest_|3 days ago

I was trying to test the gemini-cli using code assist standard.

To this day I am unable to access the models they say I should be able to.

I still get 2.5 only, despite enabling previews in the google cloud config etc etc.

The access seems to randomly turn on and off and swaps depending on the auth used (Oauth, api-key, etc)

The entire gemini-cli repo looks like it is full of slop with 1000 devs trying to be the first to pump every issue into claude and claim some sort of clout.

It is an absolute shit show and not a good a look.

liveoneggs|3 days ago

I was exploring this today and just clicked on the "maps" Platform or APIs & Services to just explore and it immediately popped up a screen with "This is your API key for maps to start using!" without my input.

It sent me to a url: https://console.cloud.google.com/google/maps-apis/onboard;fl...

which auto-generated an API key for me to paste into things ASAP.

---

Get Started on Google Maps Platform You're all set to develop! Here's the API key you would need for your implementation. API key can be referenced in the Credentials section.

franga2000|3 days ago

Isn't there a limit to the number of projects you can make and then you have to ask support to increase it?

simoncion|3 days ago

There is, yes. The rumor mill suggests that the default limit is 30.

At $DAYJOB, we had a (not very special) special arrangement with GCP, and I never heard of anyone who was unable to create a project in our company's orgs [0].

Given how Google never, ever wants to have a human do customer support, I expect a robot will quickly auto-approve requests for "number of projects" quota increases. I know that's how it worked at work.

[0] ...with the exception of errors caused by GCP flakiness and other malfunction, of course.