Home / Integrations / Gemini CLI

Why this setup matters

Use Gemini through KeyLore, not through exported shell secrets.

Gemini CLI can benefit from the same boundary every AI coding tool needs: enough information to choose the right credential, but not a direct dump of every available secret into process state. 

{
  "mcpServers": {
    "keylore_stdio": {
      "command": "keylore-stdio",
      "args": []
    }
  }
}

Recommended flow

How to use Gemini CLI with KeyLore.

  • Start KeyLore locally and open the UI to add the credentials relevant to your Gemini CLI tasks.
  • Describe each credential with metadata that explains purpose, target service, and environment.
  • Configure Gemini CLI to use the local KeyLore or MCP path available in your setup.
  • Run an authenticated workflow and verify that Gemini CLI uses brokered access rather than relying on raw env-loaded secrets.

Prompt example

What to ask Gemini first.

Look up the available credential metadata for the staging API, choose the entry that matches deployment diagnostics, and request brokered access only for that task.