Blog
AI & Automation

How to Add Static IPs to Apps Built with Emergent AI

QuotaGuard Engineering
February 18, 2026
5 min read
Pattern

Emergent apps run on dynamic IPs. External APIs and databases that require IP allowlisting will block your requests. QuotaGuard gives you two static IPs you can whitelist once and forget.

Here's how to set it up.

Quick Setup

1. Get your proxy URL from QuotaGuard:

http://username:password@us-east-static-01.quotaguard.com:9293

2. Add the environment variable to your app:

QUOTAGUARDSTATIC_URL=http://username:password@us-east-static-01.quotaguard.com:9293

3. Route protected requests through the proxy (examples for all major languages below).

4. Whitelist your two static IPs (shown in QuotaGuard dashboard) on the external service.

Done. Your Emergent app now has a fixed network identity.

Why This Happens

Emergent.sh turns natural language prompts into production-ready applications, but those apps inherit the dynamic IP behavior of cloud infrastructure. Whether hosted on Emergent's managed platform or exported to Vercel, Render, or AWS, your AI-built app's outbound traffic originates from shared, rotating IP pools.

Services that use IP allowlisting (payment APIs, corporate databases, partner systems, MongoDB Atlas) see an unknown IP and block the request.

Your code is fine. Your credentials are valid. The external service is rejecting based on network identity.

Both Deployment Paths Work

Emergent-hosted apps: Configure the proxy in your application code as shown below.

Exported apps (Vercel, Render, Fly.io, AWS): Same code changes, plus set the environment variable in your deployment platform.

Node.js

Install the proxy agent:

npm install https-proxy-agent

With Axios

const axios = require('axios');
const { HttpsProxyAgent } = require('https-proxy-agent');

const proxyUrl = process.env.QUOTAGUARDSTATIC_URL;
const agent = new HttpsProxyAgent(proxyUrl);

async function callProtectedAPI(url, data) {
    const response = await axios.post(url, data, {
        httpsAgent: agent
    });
    return response.data;
}

// Example: payment API that requires IP whitelisting
async function processPayment(paymentDetails) {
    return await callProtectedAPI(
        'https://api.paymentprovider.com/v1/charge',
        paymentDetails
    );
}

With Native Fetch (Undici)

import { ProxyAgent, fetch } from 'undici';

const proxyUrl = process.env.QUOTAGUARDSTATIC_URL;
const dispatcher = new ProxyAgent(proxyUrl);

async function callProtectedAPI(url, options = {}) {
    const response = await fetch(url, {
        ...options,
        dispatcher
    });
    return response.json();
}

Install undici:

npm install undici

With Node-Fetch

const fetch = require('node-fetch');
const { HttpsProxyAgent } = require('https-proxy-agent');

const proxyUrl = process.env.QUOTAGUARDSTATIC_URL;
const agent = new HttpsProxyAgent(proxyUrl);

async function callProtectedAPI(url) {
    const response = await fetch(url, { agent });
    return response.json();
}

With Got

const got = require('got');
const { HttpsProxyAgent } = require('https-proxy-agent');

const proxyUrl = process.env.QUOTAGUARDSTATIC_URL;
const agent = new HttpsProxyAgent(proxyUrl);

async function callProtectedAPI(url) {
    const response = await got(url, {
        agent: { https: agent }
    });
    return JSON.parse(response.body);
}

Python

With Requests

import os
import requests

proxy_url = os.environ.get('QUOTAGUARDSTATIC_URL')

proxies = {
    'http': proxy_url,
    'https': proxy_url
}

def call_protected_api(url, data):
    response = requests.post(url, json=data, proxies=proxies)
    return response.json()

# Example: partner API behind corporate firewall
def sync_inventory(inventory_data):
    return call_protected_api(
        'https://api.partner.com/v2/inventory',
        inventory_data
    )

With HTTPX

import os
import httpx

proxy_url = os.environ.get('QUOTAGUARDSTATIC_URL')

def call_protected_api(url, data):
    with httpx.Client(proxy=proxy_url) as client:
        response = client.post(url, json=data)
        return response.json()

With aiohttp (Async)

import os
import aiohttp

proxy_url = os.environ.get('QUOTAGUARDSTATIC_URL')

async def call_protected_api(url, data):
    async with aiohttp.ClientSession() as session:
        async with session.post(url, json=data, proxy=proxy_url) as response:
            return await response.json()

Ruby

With Net::HTTP

require 'net/http'
require 'uri'
require 'json'

def call_protected_api(url, data)
  uri = URI.parse(url)
  proxy_uri = URI.parse(ENV['QUOTAGUARDSTATIC_URL'])

  http = Net::HTTP.new(
    uri.host,
    uri.port,
    proxy_uri.host,
    proxy_uri.port,
    proxy_uri.user,
    proxy_uri.password
  )
  http.use_ssl = true

  request = Net::HTTP::Post.new(uri.path)
  request['Content-Type'] = 'application/json'
  request.body = data.to_json

  response = http.request(request)
  JSON.parse(response.body)
end

With Faraday

require 'faraday'

proxy_url = ENV['QUOTAGUARDSTATIC_URL']

conn = Faraday.new(proxy: proxy_url) do |f|
  f.request :json
  f.response :json
end

response = conn.post('https://api.partner.com/v2/data') do |req|
  req.body = { key: 'value' }
end

puts response.body

PHP

With cURL

<?php

function callProtectedAPI($url, $data) {
    $proxyUrl = getenv('QUOTAGUARDSTATIC_URL');
    $proxy = parse_url($proxyUrl);
    
    $ch = curl_init();
    
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
    curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
    curl_setopt($ch, CURLOPT_PROXY, $proxy['host'] . ':' . $proxy['port']);
    curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxy['user'] . ':' . $proxy['pass']);
    
    $response = curl_exec($ch);
    
    if (curl_errno($ch)) {
        throw new Exception('cURL error: ' . curl_error($ch));
    }
    
    curl_close($ch);
    return json_decode($response, true);
}

// Example usage
$result = callProtectedAPI('https://api.partner.com/v2/data', ['key' => 'value']);
print_r($result);

With Guzzle

<?php

require 'vendor/autoload.php';

use GuzzleHttp\Client;

$proxyUrl = getenv('QUOTAGUARDSTATIC_URL');

$client = new Client([
    'proxy' => $proxyUrl
]);

$response = $client->post('https://api.partner.com/v2/data', [
    'json' => ['key' => 'value']
]);

$data = json_decode($response->getBody(), true);
print_r($data);

Go

package main

import (
    "bytes"
    "encoding/json"
    "fmt"
    "io"
    "net/http"
    "net/url"
    "os"
)

func callProtectedAPI(targetURL string, data map[string]interface{}) (map[string]interface{}, error) {
    proxyURL, err := url.Parse(os.Getenv("QUOTAGUARDSTATIC_URL"))
    if err != nil {
        return nil, err
    }

    client := &http.Client{
        Transport: &http.Transport{
            Proxy: http.ProxyURL(proxyURL),
        },
    }

    jsonData, err := json.Marshal(data)
    if err != nil {
        return nil, err
    }

    resp, err := client.Post(targetURL, "application/json", bytes.NewBuffer(jsonData))
    if err != nil {
        return nil, err
    }
    defer resp.Body.Close()

    body, err := io.ReadAll(resp.Body)
    if err != nil {
        return nil, err
    }

    var result map[string]interface{}
    json.Unmarshal(body, &result)
    return result, nil
}

func main() {
    data := map[string]interface{}{"key": "value"}
    result, err := callProtectedAPI("https://api.partner.com/v2/data", data)
    if err != nil {
        panic(err)
    }
    fmt.Println(result)
}

C# / .NET

using System;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;

public class ProxiedHttpClient
{
    private static HttpClient CreateProxiedClient()
    {
        var proxyUrl = Environment.GetEnvironmentVariable("QUOTAGUARDSTATIC_URL");
        var proxyUri = new Uri(proxyUrl);
        
        var proxy = new WebProxy(proxyUri.GetLeftPart(UriPartial.Authority))
        {
            Credentials = new NetworkCredential(
                Uri.UnescapeDataString(proxyUri.UserInfo.Split(':')[0]),
                Uri.UnescapeDataString(proxyUri.UserInfo.Split(':')[1])
            )
        };

        var handler = new HttpClientHandler
        {
            Proxy = proxy,
            UseProxy = true
        };

        return new HttpClient(handler);
    }

    public static async Task<T> CallProtectedAPI<T>(string url, object data)
    {
        using var client = CreateProxiedClient();
        var json = JsonSerializer.Serialize(data);
        var content = new StringContent(json, Encoding.UTF8, "application/json");
        
        var response = await client.PostAsync(url, content);
        var responseJson = await response.Content.ReadAsStringAsync();
        return JsonSerializer.Deserialize<T>(responseJson);
    }
}

Rust

use reqwest::Proxy;
use std::env;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let proxy_url = env::var("QUOTAGUARDSTATIC_URL")?;
    
    let proxy = Proxy::all(&proxy_url)?;
    
    let client = reqwest::Client::builder()
        .proxy(proxy)
        .build()?;
    
    let response = client
        .post("https://api.partner.com/v2/data")
        .json(&serde_json::json!({"key": "value"}))
        .send()
        .await?;
    
    let data: serde_json::Value = response.json().await?;
    println!("{:?}", data);
    
    Ok(())
}

Add to Cargo.toml:

[dependencies]
reqwest = { version = "0.11", features = ["json", "socks"] }
tokio = { version = "1", features = ["full"] }
serde_json = "1.0"

Elixir

With Req

defmodule ProxiedClient do
  def call_protected_api(url, data) do
    proxy_url = System.get_env("QUOTAGUARDSTATIC_URL")
    
    Req.post!(url,
      json: data,
      connect_options: [proxy: proxy_url]
    ).body
  end
end

Test Your Setup

Verify your static IP is working:

// Node.js
const response = await axios.get('https://ip.quotaguard.com', { httpsAgent: agent });
console.log('Your static IP:', response.data);
# Python
response = requests.get('https://ip.quotaguard.com', proxies=proxies)
print('Your static IP:', response.json())

The returned IP should match one of the two IPs in your QuotaGuard dashboard.

Selective Proxying

Only route requests that need static IPs through the proxy:

const PROTECTED_DOMAINS = ['api.paymentprovider.com', 'api.partner.com'];

function needsStaticIP(url) {
    const hostname = new URL(url).hostname;
    return PROTECTED_DOMAINS.some(domain => hostname.includes(domain));
}

async function smartRequest(url, options = {}) {
    if (needsStaticIP(url)) {
        options.httpsAgent = agent;
    }
    return axios(url, options);
}

Database Connections (SOCKS5)

For PostgreSQL, MySQL, MongoDB, or SFTP, use QuotaGuard's SOCKS5 proxy on port 1080.

socks5://username:password@us-east-static-01.quotaguard.com:1080

Most database client libraries support SOCKS5 configuration. For complex multi-protocol setups, QGTunnel creates local port mappings that route traffic transparently.

Troubleshooting

407 Proxy Authentication Required: Check your QUOTAGUARDSTATIC_URL credentials. URL-encode special characters in the password.

Connection timeouts: HTTP proxy uses port 9293. SOCKS5 uses port 1080. Verify your deployment allows outbound connections.

Wrong IP returned: Make sure you're passing the agent to the specific request, not just creating it.

Pricing

Micro plan: $19/month, 40K requests. Works for most apps during development and early growth.

Get Started

QuotaGuard Static IP Blog

Practical notes on routing cloud and AI traffic through Static IPs.

AI & Automation

How to Add Static IPs to Apps Built with Emergent AI

Route outbound traffic from Emergent-hosted apps or exported code through fixed IPs to connect to firewalled databases, payment APIs, and enterprise systems.
QuotaGuard Engineering
February 17, 2026
5
min read
QuotaGuard's Journey

Heroku Is Entering "Sustaining Engineering" Mode. Here's What That Means for Your Static IPs.

Heroku is entering sustaining engineering mode. Your apps still run. Your static IPs still work. And if you migrate, your QuotaGuard IPs go with you.
QuotaGuard Engineering
February 16, 2026
5
min read
Tutorials & Integration Guides

QGTunnel: Static IPs for Database Connections, FTP, SFTP, and Other TCP Traffic

QGTunnel routes non-HTTP traffic like database connections, FTP, and SFTP through static IPs without changing your connection strings. Here's how it works and how to set it up.
QuotaGuard Engineering
February 14, 2026
5
min read
AI & Automation

n8n Cloud and Static IPs: How to Whitelist When You Have 22 Rotating Addresses

n8n Cloud gives you 22 rotating IPs that can change anytime. If your API vendor or SFTP server needs a static IP for whitelisting, here's how to fix it in five minutes.
QuotaGuard Engineering
February 13, 2026
5
min read
AI & Automation

Zapier and Static IPs: How to Whitelist a Zap Without Opening Your Firewall to All of AWS

Zapier doesn't have a static IP. It runs on AWS us-east-1 with millions of shared addresses. Here's why whitelisting the entire range is a security nightmare and what to do instead.
QuotaGuard Engineering
February 13, 2026
5
min read
Tutorials & Integration Guides

How to Fix Ruby DNS Resolution Errors When Using QGTunnel with Third-Party APIs

If you're using QGTunnel in transparent mode for database connections and seeing Socket::ResolutionError when calling APIs like Mailchimp, the fix is to disable transparent mode. This guide walks through the cause and the 5-minute solution.
QuotaGuard Engineering
January 29, 2026
5
min read
Tutorials & Integration Guides

How to Get a Static IP for Gigalixir Apps

Learn how to get static outbound IPs for Gigalixir apps. Code examples for HTTPoison, Req, Finch, and Tesla. Connect to firewalled databases and APIs.
QuotaGuard Engineering
January 19, 2026
5
min read
Tutorials & Integration Guides

How to Get a Static IP for Render Apps

Render provides shared CIDR ranges for outbound IPs, but many firewalls and databases require individual static IPs. This guide compares native options with proxy services and shows how to connect Render apps to MongoDB Atlas and other firewalled resources.
QuotaGuard Engineering
January 15, 2026
5
min read
Tutorials & Integration Guides

How Do I Get a Static IP for Fly.io Apps?

Learn how to get a static IP for Fly.io apps. Compare native egress IPs vs QuotaGuard proxy. Includes code examples for Node.js, Python, Elixir, and Go.
QuotaGuard Engineering
January 13, 2026
5
min read
Tutorials & Integration Guides

How to Fix 403 Forbidden Errors in n8n HTTP Request Nodes (The Static IP Fix)

Is your n8n AI agent getting blocked? If you are seeing 403 Forbidden or ECONNREFUSED errors, the problem isn't your code, it's likely your IP address. Learn why "noisy" cloud IPs get flagged and how to fix it in 2 minutes using n8n's native proxy settings.
QuotaGuard Engineering
December 8, 2025
5
min read
Tutorials & Integration Guides

SSL Passthrough vs SSL Offloading: A Quick Primer

Understand the critical differences between SSL Passthrough, SSL Offloading, and SSL Termination. Learn which method ensures end-to-end zero-knowledge encryption for compliance versus which optimizes performance by decrypting traffic at the load balancer.
QuotaGuard Engineering
December 4, 2025
5
min read
Security & Compliance

US and EU Data Residency for Static IP Proxy Traffic

Does your security team prohibit traffic from leaving the EU or US? Learn how QuotaGuard’s Data Residency add-on locks your static IPs and logs to a single region, simplifying your audits for SOC 2, HIPAA, and GDPR.
QuotaGuard Engineering
October 4, 2025
5
min read
Product Updates

Introducing U.S. Data Residency: Keep Your Proxy Traffic Fully Within U.S. Borders

Meet strict localization requirements with our new U.S. Data Residency option. Route all proxy traffic and logs exclusively through U.S. infrastructure to align with government contracts, HIPAA, and SOC 2 standards.
QuotaGuard Engineering
October 4, 2025
5
min read
Product Updates

QuotaGuard Now Live in 10 AWS Regions – Including Singapore and Mumbai!

QuotaGuard is now live in 10 AWS regions, including new launches in Singapore and Mumbai. Reduce latency and improve performance for your global workloads by routing static IP traffic through infrastructure closer to your data.
QuotaGuard Engineering
October 4, 2025
5
min read
Product Updates

QuotaGuard Expands: Early Access to Heroku’s Next-Gen Fir Platform

QuotaGuard is testing early access to Heroku's next-gen Fir platform. We are ensuring full compatibility so you can migrate your static IP workflows seamlessly as Heroku modernizes its infrastructure for better scalability and performance.
QuotaGuard Engineering
October 4, 2025
5
min read
View all

Reliability Engineered for the Modern Cloud

For over a decade, QuotaGuard has provided reliable, high-performance static IP and proxy solutions for cloud environments like Heroku, Kubernetes, and AWS.

Get the fixed identity and security your application needs today.

Start Free TrialTalk to an Engineer