My_gemini_api_key

Hello Google team and community,

For the past ~2 days (starting early March 2026), I’m facing a consistent issue when deploying directly from the “Deploy” button in Google AI Studio to Cloud Run:

• The app uses the auto-generated backend proxy (/api-proxy/).

• In the browser console logs (and the WebSocket URL itself), the placeholder is never replaced: wss://[my-service-name].run.app/api-proxy//ws/google.ai.generativelanguage.v1beta.GenerativeService.BidiGenerateContent?key=MY_GEMINI_API_KEY

• This causes a WebSocket connection failure (“failed”) + error event, since no valid key is sent to Gemini.

This exact same prompt/project/model was deploying and working perfectly until 2–3 days ago.

What I’ve already tried (without success):

• Regenerating the API key on https://aistudio.google.com/app/apikey

• Deleting and re-creating the deployment from AI Studio

• Manually adding/correcting the environment variable in Cloud Run (both GEMINI_API_KEY and GOOGLE_API_KEY) → the frontend/proxy still shows the placeholder

• Adding a client-side form in the app to input the key → ignored, because the generated code forces server-side proxy usage

• Exporting the code + local testing with .env file → works fine locally, but I’d prefer the one-click deploy for simplicity

Additional details:

• Model used: [add your model here, e.g., gemini-1.5-flash or gemini-2.0-flash-exp]

• Cloud Run region: us-west1

• App type: streaming / BidiGenerateContent via WebSocket (chat with history or multimodal)

• Exact browser console error: WebSocket connection to ‘[URL]’ failed + Error Event object

Is this a known bug related to recent security/proxy changes (late 2025 / early 2026)?
Is there a missing toggle or extra step to ensure server-side key injection?
Or is the one-click Cloud Run deployment temporarily broken for WebSocket-based apps?

Thanks a lot for any help, workaround, or confirmation!
Happy to provide more logs, screenshots, or the exact project setup if needed.

Best regards,

I went through the same thing and used the same fix. Maybe auto-publish is blocked for security purposes?

I’m facing the same isue. When testing the app on a deployment, can’t connect to the API KEY

The only solution was to deploy with .env on my own computer.
That’s crazy !!

So you are running it on your own machine?

Say simply, Your app’s source code does not (and should not) contain the API key. Instead, the app needs to “look up” a specific key from Secret Manager. To make this happen, your Nginx container must have the “key to find the secret.”

You must manually link the secret in your Cloud Run service container settings. AI Studio cannot do this for you anymore.

Should I do it like you are saying or I should wait for google to fix it?

Dear Kircho

it’s actually not that difficult once you try. Even I, who am not a professional developer, managed to do it.

​I’m not sure if Google will ever revert this to the ‘old way.’ In my opinion, they are probably pushing us to use Secret Manager as the new standard. After all, API keys should never be exposed under any circumstances for security reasons.

Best regard,

Thank you, is there a guide for how to do this?