feat(auth): Improve Gemini CLI API Key Authentication User Experience

[santhoshh-kumar]

TLDR

This PR improves the authentication flow for users of the Gemini API key. It introduces an interactive prompt for the API key if it's not set as an environment variable and updates the documentation accordingly.

Dive Deeper

This PR introduces a new interactive flow for capturing the user's Gemini API key. The implementation is centered around changes in the AuthDialog component and a new helper function for persisting the key.

File Changes and Implementation:

• packages/cli/src/config/auth.ts:

  • A new function, saveGeminiApiKeyToEnvFile, has been added. This function is responsible for persisting the user's API key to a .env file in the project's root directory.
  • It handles creating the .env file if it doesn't exist, appending the GEMINI_API_KEY if the file exists but doesn't contain the key, and updating the key if it already exists.

• packages/cli/src/ui/components/AuthDialog.tsx:

  • The AuthDialog component now manages a new piece of state, isEnteringApiKey, to toggle between the authentication method selection and the API key input view.
  • When a user selects "Use Gemini API Key" and the key is not already set, the component now renders a new view that prompts the user for their key.
  • This new view uses a new reusable component, CustomTextInput, for the key input, which masks the input for security.
  • The handleApiKeySubmit function calls saveGeminiApiKeyToEnvFile to persist the key and then updates the application's state to proceed with the authentication.

• packages/cli/src/ui/components/shared/CustomTextInput.tsx:

  • A new reusable Ink component for text input with masking has been created. This can be used in other parts of the CLI in the future.

• Testing (*.test.tsx, *.test.ts):

  • Comprehensive tests have been added for the new functionality.
  • auth.test.ts now includes tests for saveGeminiApiKeyToEnvFile, covering all the file interaction logic.
  • AuthDialog.test.tsx has been updated with tests for the new API key input flow, simulating user input and verifying the component's behavior.
  • Tests for the new CustomTextInput component have also been added.

Wrong API key input Screenshot:

Screenshots with correct API key input:

Reviewer Test Plan

1. Pull down this branch.
2. Ensure you do not have GEMINI_API_KEY set as an environment variable.
3. Run the Gemini CLI (gemini or npx @google/gemini-cli).
4. When prompted for the authentication method, select "Use Gemini API Key".
5. The CLI should now prompt you to enter your API key.
6. Enter a valid Gemini API key.
7. The CLI should proceed, and a .env file should be created in your project root with the key.
8. Run the CLI again. It should now use the key from the .env file and not prompt you for it again.
9. Press escape to exit the API key prompt and verify that you are returned to the authentication selection screen.

Testing Matrix

	🍏	🪟	🐧
npm run	❓	❓	✅
npx	❓	❓	✅
Docker	❓	❓	✅
Podman	❓	-	-
Seatbelt	❓	-	-

Linked issues / bugs

fixes #4912 #2202

[gemini-code-assist]

Summary of Changes

Hello @santhoshkumarCodes, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the user experience for authenticating with the Gemini CLI using an API key. Instead of solely relying on pre-set environment variables, the CLI now provides an interactive prompt to guide users through entering their API key. This key is then automatically saved to a local .env file, streamlining the setup process and ensuring the key is persisted for future use. The changes also include the introduction of a new reusable masked text input component and extensive testing to ensure the stability of these new features.

Highlights

• Enhanced API Key Authentication Flow: The Gemini CLI now offers an interactive prompt for users to enter their API key directly if it's not already set as an environment variable, significantly improving the initial setup experience.
• Automatic API Key Persistence: The entered API key is automatically saved to a .env file in the project's root directory, ensuring persistence across sessions and simplifying future use without requiring manual environment variable setup.
• New Reusable Masked Input Component: A new reusable CustomTextInput component has been developed, providing masked input capabilities for sensitive information like API keys, which can be leveraged for other input fields in the future.
• Robust Testing Coverage: Comprehensive unit tests have been added for the new API key saving logic and the interactive authentication dialog, ensuring the robustness and reliability of the improved user experience.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request enhances the Gemini CLI's API key authentication by introducing an interactive prompt, which is a great improvement for user experience. The implementation is well-tested and includes necessary documentation updates. However, I've identified two high-severity issues that should be addressed. Firstly, the method for updating the .env file isn't robust and could fail to update the key correctly in some common scenarios. Secondly, a new test file has been excluded from TypeScript's type checking, which compromises code quality and should be rectified. Please address these points to ensure the new functionality is both reliable and maintainable.

[gemini-code-assist]

The new test file src/ui/components/AuthDialog.test.tsx has been added to the exclude list in the TypeScript configuration. The comment above this list indicates this is done to ignore type errors. Introducing new code that has type errors and then suppressing them is a practice that compromises code quality. Please fix any type errors in AuthDialog.test.tsx and remove this line from the exclude list.

[santhoshh-kumar]

Hello @NTaylorMullen, I wanted to kindly follow up regarding this PR. Could you please let me know if the feature is still required? The PR has become stale, and I will be happy to resolve the conflicts and proceed if it is needed. Otherwise, I can close it. I would appreciate your feedback.

[bdmorgan]

Thank you for submission to the Gemini CLI project. At this time, we are closing this pull request in order to allow us to better triage and support more recent pull requests against the latest code changes. If you feel like this pull request is a critical contribution to the Gemini CLI project, please associate the pull request with an existing GitHub issue (instructions here: https://docs.github.com/en/issues/tracking-your-work-with-issues/using-issues/linking-a-pull-request-to-an-issue) before reopening. After Monday January 26 2026, any pull requests submitted by contributors without an associated issue will be automatically closed (more information here: #16706). If you do choose to reopen and submit this pull request, please ensure you rebase your changes onto the current main branch before resubmitting. This will help avoid merge conflicts and ensure your contribution is compatible with the latest codebase.