Self-Host Session Replay SDKs

Self-hosting lets you serve Amplitude SDK files and route API calls through your own domain instead of amplitude.com. The two main reasons to do this are:

  • Ad blocker bypass: Many browser extensions and tracking prevention tools block requests to amplitude.com domains. Routing through your own domain avoids this.
  • Data residency / compliance: Your organization may require that data never leaves your own infrastructure before it reaches Amplitude.

There are two independent parts to self-hosting:

  1. Host the SDK script: serve the SDK .js file from your own CDN or static file server (browser only; npm/bundled installs skip this step).
  2. Proxy API calls: forward SDK network requests through your own server before they reach Amplitude's ingestion endpoints.

You can implement either or both parts independently.


Part 1: Self-host the SDK script

This applies to browser-based SDKs loaded through a <script> tag. If you install through npm and bundle the SDK yourself, skip to Part 2.

Get the SDK file

Option A: Download from Amplitude's CDN:

bash
# Session Replay Plugin (latest: 1.28.1)
curl -O https://cdn.amplitude.com/libs/plugin-session-replay-browser-1.28.1-min.js.gz

# Session Replay Standalone SDK (latest: 1.39.0)
curl -O https://cdn.amplitude.com/libs/session-replay-browser-1.39.0-min.js.gz

# Browser SDK (latest: 2.42.0 — only needed if also self-hosting analytics)
curl -O https://cdn.amplitude.com/libs/analytics-browser-2.42.0-min.js.gz

Option B: Pull from npm:

bash
pnpm pack @amplitude/plugin-session-replay-browser@1.28.1
# or
pnpm pack @amplitude/session-replay-browser@1.39.0

This produces a .tgz tarball. Extract it and locate the UMD bundle inside the package/lib/scripts/ directory, for example, plugin-session-replay-browser-1.28.1.umd.js. Serve that file from your own origin.

For the latest version numbers, check:

Serve the file

Host the file on your own CDN or static file server, then update your <script> tags:

html
<!-- Before -->
<script src="https://cdn.amplitude.com/libs/analytics-browser-2.42.0-min.js.gz"></script>
<script src="https://cdn.amplitude.com/libs/plugin-session-replay-browser-1.28.1-min.js.gz"></script>

<!-- After -->
<script src="https://assets.yourdomain.com/libs/analytics-browser-2.42.0-min.js.gz"></script>
<script src="https://assets.yourdomain.com/libs/plugin-session-replay-browser-1.28.1-min.js.gz"></script>

Cache TTL

If you plan to update the SDK version frequently, set a short cache TTL (1–5 minutes) on your file server. If you pin to a specific version and update manually, a longer TTL is fine.


Part 2: Proxy API calls

Route SDK network requests through your own server so they don't go directly to amplitude.com endpoints. Your proxy server receives the request and forwards it to Amplitude's default endpoint, returning the response unchanged.

How the proxy works

A minimal proxy implementation should:

  1. Accept requests from the SDK at your custom URL.
  2. Forward the full request body and all headers (except Host) to the corresponding Amplitude endpoint.
  3. Return Amplitude's response to the SDK unchanged, including the status code, headers, and body.

Your proxy should be transparent. Don't strip, modify, or buffer the request or response payload. The SDK handles retries, so your proxy doesn't need to.
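
The three steps above, as an added Node.js example (not Amplitude's code): an exact-match path allowlist keeps the proxy from forwarding to anything other than the endpoints listed on this page, and request and response bodies are streamed rather than buffered. The local paths follow this page's sample URLs; the function names, the region argument, and the choice to map /config to the Session Replay config endpoint are assumptions, and the Browser SDK 2 remote-config upstream is not routed because this page does not list it.

```javascript
// Added example (not Amplitude's code). Local paths mirror this page's sample
// URLs; function names and the region argument are assumptions.
const UPSTREAMS = {
  US: new Map([
    ['/2/httpapi', 'https://api2.amplitude.com/2/httpapi'],
    ['/batch', 'https://api2.amplitude.com/batch'],
    ['/sessions/v2/track', 'https://api-sr.amplitude.com/sessions/v2/track'],
    ['/config', 'https://sr-client-cfg.amplitude.com/config'],
  ]),
  EU: new Map([
    ['/2/httpapi', 'https://api.eu.amplitude.com/2/httpapi'],
    ['/batch', 'https://api.eu.amplitude.com/batch'],
    ['/sessions/v2/track', 'https://api-sr.eu.amplitude.com/sessions/v2/track'],
    ['/config', 'https://sr-client-cfg.eu.amplitude.com/config'],
  ]),
};

// Step 1: accept only known paths (exact match after URL normalisation).
function resolveUpstream(rawUrl, region) {
  const routes = UPSTREAMS[region];
  if (!routes) return null;
  let url;
  try { url = new URL(rawUrl, 'http://proxy.invalid'); } catch { return null; }
  const target = routes.get(url.pathname);
  return target ? target + url.search : null; // keep the query string intact
}

// Step 2: forward every header except Host (Node lower-cases header names).
function forwardHeaders(incoming) {
  const { host, ...rest } = incoming;
  return rest;
}

// Steps 2-3: stream the body up and the response back without buffering.
async function startProxy(region, port) {
  const http = await import('node:http'); // dynamic import works in CJS and ESM
  const https = await import('node:https');
  return http.createServer((req, res) => {
    const target = resolveUpstream(req.url, region);
    if (!target) { res.writeHead(404); res.end(); return; }
    const opts = { method: req.method, headers: forwardHeaders(req.headers) };
    const up = https.request(target, opts, (upRes) => {
      res.writeHead(upRes.statusCode, upRes.headers); // status + headers as received
      upRes.pipe(res);
    });
    up.on('error', () => { if (!res.headersSent) res.writeHead(502); res.end(); });
    req.pipe(up);
  }).listen(port);
}
```

Calling startProxy('US', 8080) starts the listener; any path outside the allowlist gets a 404 and is never forwarded.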

Keep your API key server-side

If you need to inject an Authorization header for a downstream service, do it in your proxy rather than hardcoding the API key in client-side code. This keeps credentials out of the browser.

Analytics SDKs

Applies to: Browser SDK, Android (Kotlin) SDK, iOS (Swift) SDK, React Native SDK, Node.js SDK, Python SDK, Go SDK.

Use the serverUrl configuration option to point the SDK at your proxy:

js
amplitude.init('API_KEY', {
  serverUrl: 'https://analytics.yourdomain.com/2/httpapi'
});

Your proxy should forward requests to the appropriate Amplitude endpoint:

| Region | Default endpoint |
|---|---|
| US | https://api2.amplitude.com/2/httpapi |
| EU | https://api.eu.amplitude.com/2/httpapi |
| US (batch) | https://api2.amplitude.com/batch |
| EU (batch) | https://api.eu.amplitude.com/batch |

Use the batch endpoints for high-volume environments. To enable batch mode, set useBatch: true on the SDK and point serverUrl at your proxy path that forwards to the batch endpoint:

js
amplitude.init('API_KEY', {
  useBatch: true,
  serverUrl: 'https://analytics.yourdomain.com/batch'
});

Remote config proxy (Browser SDK 2 only):

Browser SDK 2 fetches remote configuration separately. To proxy those requests as well, use the remoteConfig.serverUrl option:

js
amplitude.init('API_KEY', {
  serverUrl: 'https://analytics.yourdomain.com/2/httpapi',
  remoteConfig: {
    serverUrl: 'https://analytics.yourdomain.com/config'
  }
});

Session Replay: Browser (Plugin and Standalone SDK)

Session Replay uses two separate endpoints. You can override each independently.

| Config option | US endpoint | EU endpoint | Purpose |
|---|---|---|---|
| trackServerUrl | https://api-sr.amplitude.com/sessions/v2/track | https://api-sr.eu.amplitude.com/sessions/v2/track | Send captured replay data |
| configServerUrl | https://sr-client-cfg.amplitude.com/config | https://sr-client-cfg.eu.amplitude.com/config | Fetch remote configuration |

Session Replay Plugin:

js
sessionReplayPlugin({
  trackServerUrl: 'https://replay.yourdomain.com/sessions/v2/track',
  configServerUrl: 'https://replay.yourdomain.com/config'
});

Session Replay Standalone SDK:

js
sessionReplay.init('API_KEY', {
  trackServerUrl: 'https://replay.yourdomain.com/sessions/v2/track',
  configServerUrl: 'https://replay.yourdomain.com/config'
});

Session Replay: Mobile (Android, iOS, React Native)

The mobile Session Replay plugins don't support custom proxy URLs. The only routing option is serverZone, which switches between Amplitude's US and EU data centers. Data still flows directly to Amplitude's servers. It doesn't pass through your own infrastructure.

kotlin
// Android — set on the Amplitude SDK configuration
serverZone = ServerZone.EU

swift
// iOS — set on the Amplitude SDK configuration
serverZone: .EU

Content Security Policy (CSP)

If your app sets a Content Security Policy, update it when switching to self-hosted files and proxied endpoints.

| Directive | Default (Amplitude CDN) | With self-hosting |
|---|---|---|
| script-src | https://cdn.amplitude.com | Your own file-serving domain |
| connect-src | https://api-sr.amplitude.com (US) or https://api-sr.eu.amplitude.com (EU) | Your proxy domain(s) |
| worker-src | blob: | Keep blob:, required by the Session Replay web worker |

Example CSP (fully self-hosted):

text
Content-Security-Policy: script-src 'self' https://assets.yourdomain.com; connect-src 'self' https://analytics.yourdomain.com https://replay.yourdomain.com; worker-src 'self' blob:;

Because your proxy handles routing to Amplitude's US or EU endpoints, the CSP only needs to reference your own domain. The same policy works for both regions.