Google Gemini API
GoogleAI API1 credential
Gemini API Key
google-gemini / api-key
Gemini API keys authenticate requests to Google's Gemini API. Google documents standard and authorization API keys, the x-goog-api-key HTTP header, and the GEMINI_API_KEY / GOOGLE_API_KEY environment variables.
Looks like
exampleAIzaSyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXLocation
GEMINI_API_KEYGOOGLE_API_KEYGoogle docs state GOOGLE_API_KEY takes precedence if both variables are set
x-goog-api-keyGemini REST API key header
notebooks, sample apps, client SDK configuration, committed .env files
.env, shell profiles, deployment manifests, server config
CI/CD variables, Google Secret Manager, hosted app settings
REST client logs and gateway logs containing x-goog-api-key headers
Notes
Google distinguishes standard Gemini API keys from authorization keys. Both are bearer-style secrets for Gemini requests; rotate any key found in source code, notebooks, logs, or shared deployment configuration.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.