vercel · icyJoseph · Oct 27, 2025 · Oct 25, 2025 · Oct 25, 2025 · Oct 27, 2025
diff --git a/docs/01-app/01-getting-started/16-proxy.mdx b/docs/01-app/01-getting-started/16-proxy.mdx
@@ -22,10 +22,7 @@ Some common scenarios where Proxy is effective include:
 - Rewriting to different pages based on A/B tests or experiments
 - Modifying headers for all pages or a subset of pages
 
-Proxy is _not_ a good fit for:
-
-- Slow data fetching
-- Session management
+Proxy is _not_ intended for slow data fetching. While Proxy can be helpful for [optimistic checks](/docs/app/guides/authentication#optimistic-checks-with-proxy-optional) such as permission-based redirects, it should not be used as a full session management or authorization solution.
 
 Using fetch with `options.cache`, `options.next.revalidate`, or `options.next.tags`, has no effect in Proxy.
 

diff --git a/docs/01-app/02-guides/authentication.mdx b/docs/01-app/02-guides/authentication.mdx
@@ -1121,7 +1121,7 @@ While Proxy can be useful for initial checks, it should not be your only line of
 > **Tips**:
 >
 > - In Proxy, you can also read cookies using `req.cookies.get('session').value`.
-> - Proxy uses the [Edge Runtime](/docs/app/api-reference/edge), check if your Auth library and session management library are compatible.
+> - Proxy uses the Node.js runtime, check if your Auth library and session management library are compatible. You may need to use [Middleware](https://github.com/vercel/next.js/blob/v15.5.6/docs/01-app/03-api-reference/03-file-conventions/middleware.mdx) if your Auth library only supports [Edge Runtime](/docs/app/api-reference/edge)
-> - Proxy uses the Node.js runtime, check if your Auth library and session management library are compatible. You may need to use [Middleware](https://github.com/vercel/next.js/blob/v15.5.6/docs/01-app/03-api-reference/03-file-conventions/middleware.mdx) if your Auth library only supports [Edge Runtime](/docs/app/api-reference/edge)
+> - Proxy uses the Node.js runtime, check if your Auth library and session management library are compatible. You may need to use [Proxy](/docs/app/api-reference/file-conventions/proxy) if your Auth library only supports [Edge Runtime](/docs/app/api-reference/edge)
-> - Proxy uses the Node.js runtime, check if your Auth library and session management library are compatible. You may need to use [Middleware](https://github.com/vercel/next.js/blob/v15.5.6/docs/01-app/03-api-reference/03-file-conventions/middleware.mdx) if your Auth library only supports [Edge Runtime](/docs/app/api-reference/edge)
+> - Proxy uses the Node.js runtime, check if your Auth library and session management library are compatible. You may need to use [Proxy](/docs/app/api-reference/file-conventions/proxy) if your Auth library only supports [Edge Runtime](/docs/app/api-reference/edge)
 > - You can use the `matcher` property in the Proxy to specify which routes Proxy should run on. Although, for auth, it's recommended Proxy runs on all routes.
 
 <AppOnly>

diff --git a/docs/01-app/03-api-reference/03-file-conventions/proxy.mdx b/docs/01-app/03-api-reference/03-file-conventions/proxy.mdx
@@ -80,7 +80,18 @@ export const config = {
 }
 ```
 
-Additionally, the `matcher` option supports complex path specifications through regular expressions, such as `matcher: ['/((?!api|_next/static|_next/image|.*\\.png$).*)']`, enabling precise control over which paths to include or exclude.
+Additionally, the `matcher` option supports complex path specifications using regular expressions. For example, you can exclude certain paths with a regular expression matcher:
+
+```js filename="proxy.js"
+export const config = {
+  matcher: [
+    // Exclude API routes, static files, image optimizations, and .png files
+    '/((?!api|_next/static|_next/image|.*\\.png$).*)',
+  ],
+}
+```
+
+This enables precise control over which paths to include or exclude.
 
 The `matcher` option accepts an array of objects with the following keys: