> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ryzeapi.cloud/llms.txt
> Use this file to discover all available pages before exploring further.

# Update Proxy

> Sets or removes the individual proxy of the instance

**Auth:** `TokenAccount` or `TokenInstance` • **Rate-limit:** `Global` (100/min) • **Idempotent:** yes

## Description

Sets an HTTP, HTTPS, or SOCKS5 proxy specific to the instance. The configuration only takes effect after `/reconnect` or a new `/connect`.

## Examples

### Authenticated SOCKS5

Configures a SOCKS5 proxy on port `1080` with user and password. The password is encrypted at-rest with AES-256-GCM and never returns in plaintext in the response.

<CodeGroup>
  ```bash cURL theme={null}
  curl -X POST "https://ryzeapi.cloud/api/instance/proxy/my-instance" \
    -H "token: $Token_Instance" \
    -H "Content-Type: application/json" \
    -d '{
      "enabled": true,
      "host": "proxy.example.com",
      "port": "1080",
      "protocol": "socks5",
      "username": "user1",
      "password": "secret"
    }'
  ```

  ```javascript JavaScript theme={null}
  await fetch("https://ryzeapi.cloud/api/instance/proxy/my-instance", {
    method: "POST",
    headers: {
      "token":        process.env.Token_Instance,
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      enabled:  true,
      host:     "proxy.example.com",
      port:     "1080",
      protocol: "socks5",
      username: "user1",
      password: "secret"
    })
  });
  ```

  ```python Python theme={null}
  import os, requests

  requests.post(
      "https://ryzeapi.cloud/api/instance/proxy/my-instance",
      headers={
          "token":        os.environ["Token_Instance"],
          "Content-Type": "application/json"
      },
      json={
          "enabled":  True,
          "host":     "proxy.example.com",
          "port":     "1080",
          "protocol": "socks5",
          "username": "user1",
          "password": "secret"
      }
  )
  ```

  ```go Go theme={null}
  package main

  import (
      "net/http"
      "os"
      "strings"
  )

  func main() {
      body := strings.NewReader(`{
          "enabled":  true,
          "host":     "proxy.example.com",
          "port":     "1080",
          "protocol": "socks5",
          "username": "user1",
          "password": "secret"
      }`)
      req, _ := http.NewRequest("POST", "https://ryzeapi.cloud/api/instance/proxy/my-instance", body)
      req.Header.Set("token", os.Getenv("Token_Instance"))
      req.Header.Set("Content-Type", "application/json")
      http.DefaultClient.Do(req)
  }
  ```
</CodeGroup>

### HTTP without auth

Points to an internal HTTP proxy (`10.0.0.5:3128`) without credentials, common scenario in corporate networks with auth-by-IP or open proxy.

<CodeGroup>
  ```bash cURL theme={null}
  curl -X POST "https://ryzeapi.cloud/api/instance/proxy/my-instance" \
    -H "token: $Token_Instance" \
    -H "Content-Type: application/json" \
    -d '{"enabled":true,"host":"10.0.0.5","port":"3128","protocol":"http"}'
  ```

  ```javascript JavaScript theme={null}
  await fetch("https://ryzeapi.cloud/api/instance/proxy/my-instance", {
    method: "POST",
    headers: {
      "token":        process.env.Token_Instance,
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      enabled:  true,
      host:     "10.0.0.5",
      port:     "3128",
      protocol: "http"
    })
  });
  ```

  ```python Python theme={null}
  import os, requests

  requests.post(
      "https://ryzeapi.cloud/api/instance/proxy/my-instance",
      headers={
          "token":        os.environ["Token_Instance"],
          "Content-Type": "application/json"
      },
      json={
          "enabled":  True,
          "host":     "10.0.0.5",
          "port":     "3128",
          "protocol": "http"
      }
  )
  ```

  ```go Go theme={null}
  package main

  import (
      "net/http"
      "os"
      "strings"
  )

  func main() {
      body := strings.NewReader(`{"enabled":true,"host":"10.0.0.5","port":"3128","protocol":"http"}`)
      req, _ := http.NewRequest("POST", "https://ryzeapi.cloud/api/instance/proxy/my-instance", body)
      req.Header.Set("token", os.Getenv("Token_Instance"))
      req.Header.Set("Content-Type", "application/json")
      http.DefaultClient.Do(req)
  }
  ```
</CodeGroup>

### Disable

Sends only `enabled: false` to remove the individual proxy from the instance. It goes back to using the deploy global proxy (if any) or a direct connection on the next reconnection.

<CodeGroup>
  ```bash cURL theme={null}
  curl -X POST "https://ryzeapi.cloud/api/instance/proxy/my-instance" \
    -H "token: $Token_Instance" \
    -H "Content-Type: application/json" \
    -d '{"enabled":false}'
  ```

  ```javascript JavaScript theme={null}
  await fetch("https://ryzeapi.cloud/api/instance/proxy/my-instance", {
    method: "POST",
    headers: {
      "token":        process.env.Token_Instance,
      "Content-Type": "application/json"
    },
    body: JSON.stringify({ enabled: false })
  });
  ```

  ```python Python theme={null}
  import os, requests

  requests.post(
      "https://ryzeapi.cloud/api/instance/proxy/my-instance",
      headers={
          "token":        os.environ["Token_Instance"],
          "Content-Type": "application/json"
      },
      json={"enabled": False}
  )
  ```

  ```go Go theme={null}
  package main

  import (
      "net/http"
      "os"
      "strings"
  )

  func main() {
      body := strings.NewReader(`{"enabled":false}`)
      req, _ := http.NewRequest("POST", "https://ryzeapi.cloud/api/instance/proxy/my-instance", body)
      req.Header.Set("token", os.Getenv("Token_Instance"))
      req.Header.Set("Content-Type", "application/json")
      http.DefaultClient.Do(req)
  }
  ```
</CodeGroup>

## Success response

```json 200 OK theme={null}
{
  "success": true,
  "message": "Proxy configuration updated successfully",
  "proxy": {
    "enabled": true,
    "host": "proxy.example.com",
    "port": "1080",
    "protocol": "socks5",
    "username": "user1",
    "password": ""
  }
}
```

<Note>
  The `password` appears as an empty string (`""`) in the response, the server never returns the password in plaintext.
</Note>

## Path parameters

<ParamField path="instance" type="string" required>
  Instance name.
</ParamField>

## Headers

<ParamField header="token" type="string" required>
  TokenAccount or TokenInstance.
</ParamField>

<ParamField header="Content-Type" type="string" required>
  `application/json`.
</ParamField>

## Request body

<ParamField body="enabled" type="boolean" required>
  Enables/disables the instance proxy.
</ParamField>

<ParamField body="host" type="string">
  IP or hostname. **Required** if `enabled=true`.
</ParamField>

<ParamField body="port" type="string">
  Port as a string (`"1080"`, `"8080"`). **Required** if `enabled=true`.
</ParamField>

<ParamField body="protocol" type="string">
  `"http"`, `"https"`, or `"socks5"`. **Required** if `enabled=true`.
</ParamField>

<ParamField body="username" type="string">
  User (optional).
</ParamField>

<ParamField body="password" type="string">
  Password (optional, encrypted at-rest).
</ParamField>

## Rules

* `enabled=true` requires `host`, `port`, and `protocol`.
* `protocol` must be `http`, `https`, or `socks5`.
* `username` / `password` are optional (open proxy or auth-by-IP).
* `enabled=false` makes the instance go back to using the default deploy proxy (if any).
* The password is **encrypted at-rest** (AES-256-GCM) and **redacted** in the response.

## Notes

<Note>
  The instance individual proxy has **priority** over the deploy global proxy. If `enabled=false`, the instance uses the global proxy (if any) or a direct connection.
</Note>

<Warning>
  Proxy changes **do not reconnect automatically**, call [`reconnect`](/en/api/instance/reconnect) to apply.
</Warning>

## Errors

| HTTP | `error.message`                                | When                               |
| :--: | ---------------------------------------------- | ---------------------------------- |
|  400 | `Invalid request body`                         | Malformed JSON.                    |
|  400 | `Host is required when proxy is enabled`       | `enabled=true` without `host`.     |
|  400 | `Port is required when proxy is enabled`       | `enabled=true` without `port`.     |
|  400 | `Protocol is required when proxy is enabled`   | `enabled=true` without `protocol`. |
|  400 | `Protocol must be one of: http, https, socks5` | `protocol` outside the enum.       |
|  401 | `Invalid token`                                | Token missing or invalid.          |
|  404 | `Instance not found`                           | Name does not exist.               |
|  429 | `Rate limit exceeded. Try again later.`        | More than 100 req/min.             |
|  500 | `Failed to update proxy configuration`         | Database error.                    |

```json theme={null}
{
  "success": false,
  "error": {
    "message": "Protocol must be one of: http, https, socks5"
  }
}
```
