Skip to main content
A proxy package is your entry point to the SOAX network. Every request you make runs inside a package and inherits its credentials, limits, and entitlements. You can create as many packages as you need — one per environment, one per team, one per workload — and manage them independently. All packages share your organization’s credit pool, but each package controls who can spend from it and how.
Only organization Owners can create, edit, pause, or delete packages and change their limits. Members can connect through the packages assigned to them, but can’t change package configuration. See Team and permissions.

What’s on a package

AttributeWhat it controls
Package keyAuthentication credential (used as the proxy password).
Network typesWhich networks are allowed: residential, mobile, or both.
RPS limitMaximum requests per second for this package.
Concurrent connections limitMaximum simultaneous connections.
Traffic limitOptional cap on GB consumed by this package.
IP allowlistAuthorized client IPs for IP Auth.
Feature entitlementsPremium features enabled on the package.
Limits are enforced at two levels. Each package has its own RPS and concurrent connection limit. There’s also a customer-level ceiling across all your packages, so creating more packages doesn’t sidestep the global limit.

Creating a package

  1. In the dashboard, open Packages in the sidebar.
  2. Click Create package.
  3. Set the package name, allowed network types, and any optional traffic limit.
  4. Save. The package key is generated and shown on the package detail page.
The package is immediately available for use. Open Quick Connect on the package page to start building a connection string.

Managing the package key

The package key is the password half of every connection string: 
{rules}:{package_key}@proxy.soax.com:1337
Keys look like pk_abc123…. They’re shown on the package detail page; copy the value exactly.

Regenerating a key

If a key is leaked or you want to rotate it on schedule, regenerate it from the package detail page. The old key stops working immediately, so update every integration that uses it before regenerating.

Network types

Residential and mobile are both enabled by default on new packages. You can disable one if you want a package restricted to a single network type — for example, to give a team residential-only access, or to keep a high-volume scraping workload on residential without accidentally consuming mobile credits. The network type is selected at runtime via the network rule (network-res, network-mob, network-any, or combinations like network-res_mob). If you don’t include a network rule, the package’s default is used (res).

Limits and quotas

RPS and concurrent connections

Each package has an RPS limit and a concurrent-connections limit, both visible on the package detail page. Hitting either returns: 
HTTP/1.1 429 Too Many Requests
X-SOAX-Error: RATE_LIMIT_EXCEEDED
If your workload needs more headroom, ask an organization Owner to raise the package’s limits. The customer-level ceiling across all packages is tied to your plan — to lift that, an Owner can contact support.

Traffic limit

The optional traffic limit lets you cap GB consumption on a single package without affecting other packages. Useful for ring-fencing a team or an experimental workload from the rest of the organization’s budget. Hitting the cap returns: 
HTTP/1.1 429 Too Many Requests
X-SOAX-Error: TRAFFIC_LIMIT_EXCEEDED
Update the cap from the package settings.

IP allowlist (for IP Auth)

If you want to authenticate by IP instead of sending the package key on every request, add your client’s outbound public IP to the package’s IP allowlist, found in the package’s Access tab (platform.soax.com/packages/<package_id>/access).
  • The IP added must be the public outbound IP that SOAX sees, not your local/private IP. Check it without a proxy at checker.soax.com/api/ipinfo.
  • You can keep both methods active simultaneously. Adding an IP to the allowlist doesn’t disable username/password auth.
  • IP Auth works with HTTPS in Quick Connect (rules in the subdomain, subject to the 63-character DNS label limit). HTTP and SOCKS5 can’t carry rules under IP Auth — use username/password authentication for those.
See Authentication for full setup.

Multiple packages

Common reasons to split workloads into multiple packages:
  • Per environment — separate packages for staging and production, so usage and limits don’t cross over.
  • Per team or customer — track traffic by team in Usage & Analytics, and apply different limits to each.
  • Per workload — isolate a high-volume scrape from interactive use so one can’t starve the other on shared concurrency.
  • Per network type — restrict one package to residential and another to mobile to make billing attribution clean.
All packages share the organization’s credit pool. The split only controls how that pool is allocated and tracked, not how much credit you have.

Pausing and deleting a package

  • Pause. Temporarily disable a package without losing its settings. Requests fail with 407 PACKAGE_SUSPENDED until resumed.
  • Delete. Permanently remove the package. The package key is invalidated immediately. There’s no undo.

Where to look next

Next steps

Quick Connect

Build a connection string for this package without memorising the rules format.

Authentication

Username/password and IP Auth, end-to-end.

Usage & Analytics

Per-package traffic, credits, and country-tier breakdowns.

Account & billing

Subscription, payments, invoices, and credits.