What is HTTP Status 407?
HTTP status code 407 (Proxy Authentication Required) indicates that the client must authenticate with the proxy server before the request can be forwarded. It is the proxy equivalent of 401 (Unauthorized) and signals that valid proxy credentials are required.
The 407 Challenge-Response Flow
When a proxy server receives a request without proper authentication credentials, it responds with a 407 status code and includes a Proxy-Authenticate header specifying the accepted authentication scheme (typically Basic or Digest). The client must retry the request with a Proxy-Authorization header containing valid credentials encoded according to the specified scheme. For Basic authentication, this is a Base64-encoded username:password string. Persistent connections can cache the authentication to avoid repeating it for every request.
If you connect to gate.hexproxies.com:8080 without credentials and your IP is not whitelisted, you will receive a 407 response. The fix is straightforward: include your Hex Proxies username and password in the Proxy-Authorization header, or add your source IP to the whitelist in the dashboard.
Troubleshooting 407 Errors
Encountering a 407 error means your proxy connection is not properly authenticated. Common causes include missing credentials, expired credentials, typos in username or password, or connecting from a non-whitelisted IP when using IP authentication. Hex Proxies provides clear authentication documentation and dashboard tools to verify your credentials and whitelisted IPs.
Why It Matters for Proxy Users
A 407 error is the most common first issue new proxy users encounter, and it always indicates an authentication problem on your side rather than a target-side block. Distinguishing 407 (proxy auth failure) from 403 (target-side block) prevents misdiagnosis where users blame the proxy for what is actually a configuration error in their client.
**Practical example:** A developer integrating Hex Proxies into a Node.js application sees 407 errors on every request. They verify their credentials are correct but the issue persists. Investigation reveals that their HTTP library URL-encodes special characters in the password, corrupting the Base64 authentication header. After switching to a credentials format that avoids special characters or properly handling encoding, the 407 errors resolve and requests flow through the proxy successfully. This scenario illustrates why 407 troubleshooting should start with verifying exactly what bytes are being sent in the Proxy-Authorization header.
When debugging persistent 407 errors, test with a simple curl command first to isolate whether the issue is in your application code or the credentials themselves. If curl succeeds but your application fails, the problem is in how your HTTP library handles proxy authentication. Different libraries handle the Proxy-Authorization header differently, particularly around special character encoding and Base64 padding.