設定應用程式預設憑證

本指南說明如何設定應用程式預設憑證 (ADC),以便在 Vertex AI 上使用 Gemini。

本指南涵蓋下列主題:

比較驗證方法

如要使用 Gemini API,可以透過 Google Cloud API 金鑰或應用程式預設憑證 (ADC) 進行驗證。下表可協助您根據用途選擇合適的方法。

方法 說明 建議用途
API 金鑰 這種經過簡易加密的字串可授予 API 存取權,但不會代表特定身分。 快速製作原型和測試,特別是在無法使用服務帳戶時。
應用程式預設憑證 (ADC) 這項策略會使用服務帳戶或使用者帳戶身分,根據應用程式環境自動尋找憑證。 生產應用程式和本機開發作業,因為 IAM 可提供更強大的安全性。

事前準備

選取專案、啟用帳單功能、啟用 Vertex AI API、安裝 gcloud CLI

  1. Sign in to your Google Account.

    If you don't already have one, sign up for a new account.

  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  3. Verify that billing is enabled for your Google Cloud project.

  4. Enable the Vertex AI API.

    Enable the API

  5. Install the Google Cloud CLI.

  6. If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.

  7. To initialize the gcloud CLI, run the following command: 

    gcloud init

  8. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  9. Verify that billing is enabled for your Google Cloud project.

  10. Enable the Vertex AI API.

    Enable the API

  11. Install the Google Cloud CLI.

  12. If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.

  13. To initialize the gcloud CLI, run the following command: 

    gcloud init

建立本機驗證憑證

If you're using a local shell, then create local authentication credentials for your user account: 

gcloud auth application-default login

You don't need to do this if you're using Cloud Shell.

If an authentication error is returned, and you are using an external identity provider (IdP), confirm that you have signed in to the gcloud CLI with your federated identity.

發出第一項 API 要求

設定應用程式預設憑證後,請參閱 API 快速入門導覽課程,瞭解如何發出第一個要求。