Build Web-Apps in Google AI Studio

Google AI Studio is an AI development tool that lets you build web-based apps and websites for free by giving it simple prompts. It helps you bring your ideas to life quickly without knowing how to write code. Give it its own domain or export the code afterward.

• Build Web-Apps in Google AI Studio
• Connect a Custom Domain to Your App
• API Key Safety Check for Deployed Apps
• The Check
• If a Key Is Found
• Rule of Thumb
• Standing Hygiene

Go to Google AI Studio here:

Google AI Studio

The fastest path from prompt to production with Gemini

aistudio.google.com

Connect a Custom Domain to Your App

Learn how to connect a custom domain to your app built in Google AI Studio.

API Key Safety Check for Deployed Apps

Before sharing any app built in Google AI Studio (or anywhere else), do a 30-second check to confirm no API key is exposed in the browser. A leaked key = someone runs AI calls on my bill.

This check catches it before that happens.

The Check

1. Open the deployed app URL in Chrome.
2. Right-click and select View page source.
3. Press Ctrl+F and search for: AIza
4. Read the result:
• 0/0 matches → safe.
• Match found → key is exposed. Do NOT share until fixed.
5. Click that /assets/index-XXXX.js link. It opens the bundled JavaScript file (this is where the real app code lives — not in the HTML).
6. On that JS page, press Ctrl+F and search for: AIza
7. Read the result:
• 0/0 matches → safe.
• Match found → key is exposed. Do NOT share until fixed.

If a Key Is Found

Two options:

Option 1:

Ask AI Studio to move the API call to a backend so the key never reaches the browser.

Option 2:

Restrict the key in Google Cloud Console

1. Go to https://console.cloud.google.com/
2. Go to APIs and services → Credentials
3. Pick the right project (top bar)
4. Click the key under "API Keys"
5. Under "Application restrictions" → choose "Websites" → add (all) the app domain(s)
6. Save.

Rule of Thumb

• Pure math / logic / UI apps (calculators, converters, planners) → no key, no risk.
• Apps that call Gemini or any AI → always do the check before sharing.

Standing Hygiene

• Keep the Google Cloud spend cap low.
• One API key per app. That’s easier to rotate if one leaks.
• Review https://aistudio.google.com/apikey monthly; delete unused keys.
• Never paste keys into chats, docs, or GitHub.