Proxy Saver Secure Credentials Storage

We protect your credentials by encrypting them with AES-GCM with a shared key in a dedicated and secured KMS, This ensures that the credentials are unreadable in the database and prevents exposure to employees, databases, or backups, as the key is never stored alongside the data.

For an added layer of security, you can enable end-to-end encryption by providing your own encryption key.

proxy saver encrypted custom key setting in dashboard

The dashboard will remind the end-to-end encryption status of your upstream credentials for this instance and update usage accordingly.

Proxy Saver instance summary when end-to-end encryption is enabled

Keep in mind that in this setup, we do not store or have access to your encryption key. As a result, we cannot recover it if lost. If this happens, or if you wish to seamlessly revert to the default setup using Scrapfly's KMS, you can disable this setting at any time — provided that you re-enter the upstream password.

encryption key setting in dashboard when setup

Summary