Vertex Gemini setup
Port's vertex-gemini provider connects to Google Vertex AI Gemini models. You register the model IDs your project exposes, then authenticate with either a GCP service account or Vertex AI Express Mode (API key). Complete the steps below before Step 2: store API keys in secrets in the main setup guide.
Step 1: Prepare your GCP project
- Enable the Vertex AI API for your GCP project.
- Confirm the Gemini models you need are available in your chosen region.
- Create a service account (skip this if you use Express Mode only):
- In the Google Cloud console, go to IAM & Admin → Service accounts and create a service account for Port.
- Grant the service account the Vertex AI User role (
roles/aiplatform.user), or a custom role that includesaiplatform.endpoints.predictfor the models you use. - Create a JSON key for the service account. You will store
client_emailandprivate_keyfrom this file as separate Port secrets.
Use either Express Mode (apiKeySecretName) or the full service-account fields (clientEmailSecretName, privateKeySecretName, project, location). Port rejects configurations that mix both auth modes or leave either mode incomplete.
Step 2: Store credentials in Port secrets
Follow store API keys in secrets in the main guide. Secret names are flexible; reference the same names in your provider config.
Service account authentication
| Secret purpose | Example secret name | Value |
|---|---|---|
| Service account email | VERTEX_SA_CLIENT_EMAIL | client_email from the JSON key |
| Service account private key | VERTEX_SA_PRIVATE_KEY | private_key from the JSON key (PEM, including -----BEGIN PRIVATE KEY-----) |
If you paste the private key with literal \n characters instead of real line breaks, Port normalizes them when calling Vertex AI.
Express Mode authentication
| Secret purpose | Example secret name | Value |
|---|---|---|
| Vertex AI API key | VERTEX_EXPRESS_API_KEY | API key from Vertex AI Express Mode |
Step 3: Register with the Port API
Call Create or connect an LLM provider with validate_connection=true while testing. Set provider to "vertex-gemini" and list at least one model in config.models. Each name must be at least three characters and must match the model ID you invoke on Vertex AI (for example gemini-2.5-flash).
Service account example
{
"provider": "vertex-gemini",
"enabled": true,
"config": {
"clientEmailSecretName": "VERTEX_SA_CLIENT_EMAIL",
"privateKeySecretName": "VERTEX_SA_PRIVATE_KEY",
"project": "my-gcp-project",
"location": "us-central1",
"models": [
{
"name": "gemini-2.5-flash",
"displayName": "Gemini 2.5 Flash",
"contextWindow": 1000000,
"supportedFeatures": {
"temperature": true
}
}
]
}
}
Express Mode example
{
"provider": "vertex-gemini",
"enabled": true,
"config": {
"apiKeySecretName": "VERTEX_EXPRESS_API_KEY",
"models": [
{
"name": "gemini-2.5-flash",
"displayName": "Gemini 2.5 Flash"
}
]
}
}
Optional fields on each model entry include displayName, contextWindow, and supportedFeatures. See the API reference for the full schema.
After registration
- Set organization defaults in the Builder UI or with Change default LLM provider and model.
- Or pass
provider: "vertex-gemini"and the registered modelnameon individual general-purpose AI interactions or invoke a specific agent calls.
For validation flow, default selection, and common failures, use Setup & configuration alongside your Vertex AI quotas and Cloud Logging.