Gemini Pro API throws 403 in Postman with valid key
Tried hitting the Gemini Pro v1/models/gemini-pro:generateContent
endpoint in Postman.
Headers set:
POST https://generativelanguage.googleapis.com/v1beta/models/gemini-pro:generateContent?key=AIzaSy...
Content-Type: application/json
Response:
{
"error": {
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED"
}
}
Key freshly created, billing enabled, Generative Language API enabled.
Turned out Gemini needs the Generative Language API User role at project level.
Steps:
- go to https://console.cloud.google.com/iam-admin/iam
- add Service Account Token Creator and Generative Language API User to the service account behind the API key
- wait two minutes
- resend the request
Status 200 returned and the content field contained the completion.
If 403 persists make sure the key is Server key; browser‑restricted keys fail CORS preflight.