Home/Blog/Mobile Proxy for Browser Use
Tool Integration

Mobile Proxy for Browser Use: AI Agent Setup

Browser Use lets an LLM drive a real Chromium browser, and it exposes a clean, typed proxy config to route that browser through any IP you choose. Here is the exact ProxySettings setup for an authenticated 4G/5G mobile proxy, one sticky carrier IP per agent, geo-targeting per task, and what to do when agents hit CAPTCHAs.

8 min read·Last updated: July 2026

Quick Answer

In Browser Use, the proxy lives on the browser, not the agent: pass proxy=ProxySettings(server=..., username=..., password=...) when you create a Browser (an alias for BrowserSession) or a BrowserProfile, then hand that browser to your Agent via browser=. With a dedicated mobile proxy, every step of the agent's task exits through one stable carrier IP.

  • ProxySettings takes server, username, password, and bypass
  • One Browser instance per agent = one sticky carrier IP per agent
  • Browser Use's own FAQ points to fingerprinting and proxies for CAPTCHA handling - the library does not fix IP reputation itself

Browser Use is the fastest-growing open-source browser-agent library: over 100,000 GitHub stars as of July 2026, with releases shipping weekly (v0.13.3 landed July 1, 2026). You give an Agent a task in plain language, it plans steps with an LLM and executes them in a real Chromium browser. What the library cannot control is how websites judge the IP that browser connects from. This guide covers the proxy layer specifically; for the broader framework landscape see mobile proxies for AI agents and for where all of this is heading, our take on the agentic web.

Why Browser Use agents need a real IP

An agent run is not one request. A single task like "find this product and compare prices" produces dozens of navigations, clicks, and form fills over several minutes, all from the same IP. If that IP is a datacenter address, anti-bot systems score the whole session as hosting-originated traffic and respond with CAPTCHAs, Cloudflare interstitials, or silent blocks. The agent then burns LLM steps trying to click through challenge pages it cannot pass.

The project is explicit that this is out of scope for the library. The Browser Use README's FAQ answers "How do I solve CAPTCHAs?" with: "For CAPTCHA handling, you need better browser fingerprinting and proxies", and points to its paid cloud for stealth browsers and proxy rotation. If you run the open-source library on your own infrastructure, the IP layer is yours to solve - and that is exactly what a dedicated 4G/5G mobile proxy does. Carrier IPs sit behind CGNAT, shared with thousands of real subscribers, so blocking one is expensive for the target site in false positives.

The proxy config: ProxySettings

Browser Use exposes a typed ProxySettings model (defined in browser_use/browser/profile.py) with four fields: server (an http:// or socks5:// proxy URL), bypass (comma-separated hosts to skip), and username / password for authenticated proxies. Under the hood the server becomes Chromium's --proxy-server launch flag and credentials are supplied through the CDP auth challenge, so put them in the dedicated fields, not in the URL.

STEP 01

Install and grab credentials

pip install browser-use   # or: uv add browser-use

# From your mobileproxies.org dashboard you need:
# host: proxy.mobileproxies.org   HTTP port: 8000
# username: u_4a9c                password: p_2X7q
STEP 02

Pass ProxySettings into the Browser

import asyncio
from browser_use import Agent, Browser, ChatBrowserUse
from browser_use.browser import ProxySettings

browser = Browser(
    headless=True,
    proxy=ProxySettings(
        server="http://proxy.mobileproxies.org:8000",
        username="u_4a9c",
        password="p_2X7q",
        bypass="localhost,127.0.0.1",
    ),
)

agent = Agent(
    task="Open https://api.ipify.org and report the IP shown",
    browser=browser,
    llm=ChatBrowserUse(),
)

asyncio.run(agent.run())
STEP 03

Verify the egress IP

The task above doubles as the verification: the agent should report a carrier-owned mobile IP, not your machine's address. If it reports your real IP, the proxy is not being applied - see troubleshooting below.

Expected: an IP on a mobile carrier ASN (the carrier's public egress, not your ISP)

One sticky carrier IP per agent

Multi-step tasks need a stable identity. If your IP rotates mid-task - the default on many rotating residential pools - a login started on one IP finishes on another, and risk engines flag the session. A dedicated mobile proxy is sticky by design: the slot holds one carrier IP until you explicitly rotate it. Pair that with Browser Use's keep_alive option ("keep browser alive after agent run") and a persistent user_data_dir, and consecutive agent runs share the same IP, cookies, and browser profile - which is exactly what login-heavy flows like account creation and management require.

# One Browser per agent, each on its own dedicated slot
browser_a = Browser(
    proxy=ProxySettings(
        server="http://proxy.mobileproxies.org:8000",
        username="u_4a9c",
        password="p_2X7q",
    ),
    user_data_dir="~/.config/browseruse/profiles/agent-a",
    keep_alive=True,  # browser survives between agent runs
)

agent = Agent(task="Log in and open the orders page",
              browser=browser_a, llm=ChatBrowserUse())
await agent.run()

# Next task reuses the same carrier IP, cookies and profile
followup = Agent(task="Export this month's order list",
                 browser=browser_a, llm=ChatBrowserUse())
await followup.run()

Running agents in parallel? Give each its own Browser instance, its own user_data_dir, and its own proxy slot. Two agents behind one IP with identical fingerprints look like one bot pretending to be two people; two dedicated slots look like two unrelated phones.

Geo-targeting per task

What an agent sees depends on where its IP geolocates: prices, availability, search results, consent banners, even whether a page loads at all. Because each dedicated slot is tied to a physical modem on a specific carrier in a specific location, geo-targeting in Browser Use is just routing: point each agent's ProxySettings at the slot for the market its task concerns.

Per-task routing

Keep a small mapping of market to slot credentials and build the Browser for each task from it. A US price-check agent exits through a US carrier; a German one through a German carrier. Same code, different server and credentials.

Rotation on your schedule

When a task finishes and you want a fresh identity in the same location, rotate the slot via the API instead of switching pools - the agent keeps its geo but gets a new carrier IP.

import requests

# Rotate slot us-mob-01 to a fresh IP on the same carrier
requests.post(
    "https://buy.mobileproxies.org/api/v1/proxies/us-mob-01/switch",
    headers={"Authorization": "Bearer YOUR_API_KEY"},
)

This pattern - stable geo, controlled rotation - is the same one that powers reliable web scraping pipelines; browser agents simply add an LLM on top of the same network layer.

Troubleshooting CAPTCHAs and blocks

The agent loops on a CAPTCHA or Cloudflare challenge page

Almost always IP reputation, not the agent. Move the browser onto a dedicated mobile IP, keep keep_alive and a persistent user_data_dir so cookies and cleared challenges survive between runs, and slow the task down. If a specific IP has been burned on a specific site, rotate the slot and retry.

The agent reports your real IP

Confirm proxy=ProxySettings(...) is set on the same Browser instance you pass to the Agent, and that you are on a current release - older versions had reported proxy regressions (see GitHub issue #2445), and the typed ProxySettings config is the consolidated, tested path in 0.13.x.

Proxy authentication fails

Put credentials in the username and password fields, not in the server URL - Chromium's --proxy-server flag does not carry credentials; Browser Use answers the auth challenge separately over CDP.

Internal hosts break behind the proxy

Use bypass="localhost,127.0.0.1,*.internal" so local services and internal domains skip the proxy while everything else exits through the carrier IP.

Frequently asked questions

Where do I set the proxy in Browser Use?

On the browser object, not the agent. Pass proxy=ProxySettings(server=..., username=..., password=...) when you create a Browser, BrowserSession, or BrowserProfile, then hand that browser to the Agent with the browser= parameter. Browser is an alias for BrowserSession, so the same field works on both.

Does Browser Use support authenticated proxies?

Yes. ProxySettings has dedicated username and password fields. The library applies the proxy server to Chromium via the --proxy-server launch flag and answers the proxy's authentication challenge over CDP, so keep credentials in those fields rather than embedding them in the server URL.

Can each agent have its own proxy?

Yes. Create one Browser instance per agent, each with its own ProxySettings pointing at its own dedicated proxy slot, and pass each browser to its own Agent. With a dedicated mobile proxy per slot, every agent keeps a distinct, stable carrier IP for the whole task.

Why does my agent still hit CAPTCHAs after adding a proxy?

Usually IP reputation. Browser Use's own FAQ says CAPTCHA handling needs better browser fingerprinting and proxies - the library does not fix a burned IP for you. Shared datacenter and overused residential pool IPs carry poor reputation; a dedicated 4G/5G carrier IP shared with real subscribers through CGNAT is far more expensive for sites to block.

Should I use a residential or mobile proxy with browser-use?

For multi-step agent tasks, a dedicated mobile proxy is usually the better fit. Rotating residential pools can change your IP mid-task, which breaks logged-in sessions and trips risk checks. A dedicated 4G/5G slot gives one sticky carrier IP that only changes when you call the rotation API, and mobile CGNAT ranges get the most lenient treatment from anti-bot systems.

Sources

Related Guides

Give every agent its own carrier IP

Dedicated 4G/5G slots with sticky carrier IPs, per-slot rotation via API, and locations you pick - drop the credentials straight into ProxySettings and run.