Skip to main content
Two authentication methods. Only Residential supports both: the rest are credentials-only.

Auth support per product

ProductUser:passIP whitelist
Residential
ISP
Datacenter IPv4
Datacenter IPv6
Mobile
If you need IP-whitelist auth, you need Residential.

User:pass authentication

Your proxy username + password are part of the proxy string. Every connection sends them. 
host:port:username:password
http://username:password@host:port
Pros: works from any machine. Easy to share across teams. Survives IP changes. Cons: credentials in your code mean rotating them is a config change everywhere. This is the default everywhere.

IP whitelist (Residential only)

Add specific IPs to your dashboard. Connections from those IPs don’t need credentials.

Adding an IP

  1. Dashboard → IP Whitelist
  2. Add your current public IP (find it at api.ipify.org)
  3. Save

Combining both methods

You can use both on Residential. The whitelist works without credentials; user:pass works regardless. Many users whitelist their server IP for cron jobs and use credentials for laptop work.

”Does no whitelist mean anyone can use my proxy?”

No. Without a whitelist, your proxy still requires user:pass auth.
WhitelistCredentialsResult
EmptyCorrectWorks from anywhere
EmptyMissingNo access
IP listedMissingWorks only from that IP
IP listedCorrectWorks from anywhere

Resetting your proxy password

Your proxy password is separate from your account password.
  • Account password: used to log into the dashboard
  • Proxy password: part of the credentials each generated proxy uses

When to reset

  • Credentials exposed (committed to a repo, leaked in logs)
  • Unexpected bandwidth usage suggests someone else is using them
  • Routine security rotation

How

Dashboard → proxy section → Reset Proxy Password. New password generated immediately.

After resetting

Every script, browser, anti-detect profile, cron job, and integration needs the new password. Old credentials return 407. If you still get 407 after a confirmed reset:
  • You’re still using the old password somewhere (most likely)
  • Long-running connections cached the old creds: kill and reconnect
  • Rare: reset stuck in our queue: message support

Suspected unauthorized use

  1. Check usage log for unfamiliar patterns
  2. Reset proxy password immediately
  3. Update your own integrations with the new password
  4. Remove unfamiliar IPs from the whitelist
  5. Optional: change account password
See also Account: suspected unauthorized use.