Configure the VPN Client API

You can also use the VPN Client API to make changes to the VPN Client configuration. This article will explain how to do this. If you haven't already, please read the articles How to use the APIv2? and How to use the VPN Client API? to better understand how to use the VPN Client API.


The local web interface

You can easily make all changes to the configuration without the API, by using the VPN Client local web interface. You can find the local web interface by typing https://localhost:9250 in the browser on the device where the VPN Client is installed.

Get the current configuration

First, you'll need to obtain the current configuration of the VPN Client You can do this by sending a GET request to the configuration endpoint. Below, you can see what this request should look like.

curl --request GET \
     --url 'https://localhost:9250/configuration'

The response to this request will look similar to the example below. This gives you an idea of the possible changes to the configuration you can make as well.

  "log": {
    "severity_level": "debug"
  "rest": {
    "ssl": {
      "configuration": "openssl.cnf",
      "certificate": "ssl_cert.pem",
      "private_key": "ssl_key.pem"
  "stunnel": {
    "enabled": "false",
    "host": "",
    "port": "9255"
  "openvpn": {
    "dev-node": ""
  "proxy": {
    "enabled": "false",
    "type": "http",
    "authentication": {
      "method": "none",
      "username": "",
      "password": "********"
    "host": "",
    "port": ""

Change the current configuration

You can change the configuration of the VPN Client API by sending a PATCH request to the configuration endpoint. You don't need to send any headers, only a --data flag. We the option to enable stealth mode as an example below.

One of the most common changes that can be made to the configuration is enabling or disabling stealth mode. You will need to either include the value true, to enable stealth mode, or false to disable stealth mode.

curl --request PATCH
     --url 'https://localhost:9250/configuration'
     --data '{"stunnel":{"enabled":"true"}}'

Configuration options

The configuration endpoint can be used for different configuration options as well. All need to be changed with a PATCH request with a --data flag with JSON formatted settings information.

It is not necessary to send the complete configuration object, you only need to send the configuration elements you would like to change. The table below contains details of your configuration options.

LogSeverity Level (string)control the logging settings. Your options are: fatal, error, warning, info, debug and trace.{"log": {"severity_level": "debug}}
Rest (SSL object)Configuration (string)SSL configuration file name{"rest": {"ssl": {"configuration": "openssl.cnf"}}}
CertificateSSL certificate file name{"rest": {"ssl": {certificate": "ssl_cert.pem"}}}
Private keySSL private key file name{"rest": {"ssl": {"private_key": "ssl_key.pem"}}}
Stealth Mode (stunnel)Enabled (boolean)true or false{"stunnel": {"enabled": "false"}}
Host (string)stunnel Host IP-address or hostname{"stunnel": {"host": ""}}
Port (integer)stunnel port number{"stunnel": {"port": "9255"}}
Open VPNDev nodeControls your OpenVPN settings.{"openvpn": {"dev-node": ""}}
ProxyEnabled (boolean)true or false{"proxy": {
"enabled": "false"}}
TypeType of proxy, this should be http{"proxy": {"type": "http"}}
Authentication (string)Whether you would like to authenticate (basic) or not (none). If you choose basic authentication you also have to add a username and password field.{"proxy":
"method": "none",
"username": "",
"password": "****"}}
Host (string)Proxy host IP-address or hostname{"proxy": {"host": ""}}
Port (integer)Proxy port number{"proxy": {"port": "80"}}