mullvad api-access command manages access methods for connecting to the Mullvad API. Access methods are used when direct connections fail, such as when using the VPN from censored networks.
Overview
Access methods allow the Mullvad daemon to reach the API via:- Direct connection (default)
- Mullvad bridge servers
- Custom SOCKS5 proxies
- Custom Shadowsocks proxies
Usage
Subcommands
list
List all configured API access methods.add
Add a custom API access method.socks5- SOCKS5 proxyshadowsocks- Shadowsocks proxy
remove
Remove a custom API access method by name or index.set
Set the active API access method.test
Test an API access method.Examples
List access methods
Add SOCKS5 proxy
Add Shadowsocks proxy
Set active method
Test access method
Remove custom method
Built-in access methods
Direct
Connects directly to the Mullvad API over HTTPS. This is the default and fastest method when available.Mullvad Bridges
Connects via Mullvad’s bridge servers using Shadowsocks. Automatically configured and maintained by Mullvad. Useful when direct connections are blocked.Custom access methods
You can add custom proxies when:- Operating in networks with strict firewall rules
- Behind corporate proxies
- In regions with heavy censorship
- You have your own proxy infrastructure
Automatic failover
The daemon automatically:- Tries the currently active access method
- If that fails, tries other configured methods in order
- Switches to the first successful method
- Retries periodically if all methods fail
What requires API access
- Account login and logout
- Fetching relay list
- WireGuard key rotation
- Device management
- Voucher redemption
- Account information queries
Once connected to the VPN, API calls go through the tunnel. Access methods are primarily used before connection or when disconnected.
Exit status
0- Success1- Daemon error, invalid configuration, or connection failure
Related commands
anti-censorship- Configure tunnel obfuscationstatus- Check connection status