配置应用默认凭证

如需使用 Gemini on Gemini Enterprise Agent Platform,您需要使用 Google Cloud API 密钥或使用 应用默认 凭据进行身份验证。我们建议使用 API 密钥进行测试,并使用应用默认凭证进行生产。本页面介绍了如何配置应用默认凭证。

准备工作

选择项目、启用结算功能、启用 Agent Platform API、安装 gcloud CLI

  1. 登录您的 Google 账号。

    如果您还没有 Google 账号,请 注册新账号

  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

    Go to project selector

  3. Verify that billing is enabled for your Google Cloud project.

  4. Enable the Agent Platform API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

    Enable the API

  5. 安装 Google Cloud CLI。

  6. 如果您使用的是外部身份提供方 (IdP),则必须先使用联合身份登录 gcloud CLI

  7. 如需初始化 gcloud CLI,请运行以下命令: 

    gcloud init

  8. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

    Go to project selector

  9. Verify that billing is enabled for your Google Cloud project.

  10. Enable the Agent Platform API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

    Enable the API

  11. 安装 Google Cloud CLI。

  12. 如果您使用的是外部身份提供方 (IdP),则必须先使用联合身份登录 gcloud CLI

  13. 如需初始化 gcloud CLI,请运行以下命令: 

    gcloud init

创建本地身份验证凭证

控制台

如果您使用的是本地 shell,请为您的用户 账号创建本地身份验证凭证: 

gcloud auth application-default login

如果您使用的是 Cloud Shell,则无需执行此操作。

如果返回了身份验证错误,并且您使用的是外部身份提供方 (IdP),请确认您已 使用联合身份登录 gcloud CLI

curl

运行以下命令以安装和运行 gcloud 来设置 应用默认凭证: 

curl -sSL https://storage.googleapis.com/cloud-samples-data/adc/setup_adc.sh

发出您的第一个 API 请求

配置应用默认凭证后,请参阅 API 快速入门,了解如何发出第一个请求。