diff --git a/go.mod b/go.mod
index abb4156be81..2a585a6e133 100644
--- a/go.mod
+++ b/go.mod
@@ -66,7 +66,7 @@ require (
 	github.com/grafana/cuetsy v0.1.10 // @grafana/grafana-as-code
 	github.com/grafana/grafana-aws-sdk v0.19.1 // @grafana/aws-datasources
 	github.com/grafana/grafana-azure-sdk-go v1.9.0 // @grafana/backend-platform
-	github.com/grafana/grafana-plugin-sdk-go v0.182.0 // @grafana/plugins-platform-backend
+	github.com/grafana/grafana-plugin-sdk-go v0.180.0 // @grafana/plugins-platform-backend
 	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // @grafana/backend-platform
 	github.com/hashicorp/go-hclog v1.5.0 // @grafana/plugins-platform-backend
 	github.com/hashicorp/go-plugin v1.4.9 // @grafana/plugins-platform-backend
@@ -192,7 +192,7 @@ require (
 	github.com/miekg/dns v1.1.51 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.2 // @grafana/alerting-squad-backend
+	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/mpvl/unique v0.0.0-20150818121801-cbe035fff7de // indirect
 	github.com/oklog/run v1.1.0 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
diff --git a/go.sum b/go.sum
index 201dfd730e9..ffe33271aaf 100644
--- a/go.sum
+++ b/go.sum
@@ -1803,8 +1803,8 @@ github.com/grafana/grafana-google-sdk-go v0.1.0 h1:LKGY8z2DSxKjYfr2flZsWgTRTZ6HG
 github.com/grafana/grafana-google-sdk-go v0.1.0/go.mod h1:Vo2TKWfDVmNTELBUM+3lkrZvFtBws0qSZdXhQxRdJrE=
 github.com/grafana/grafana-plugin-sdk-go v0.94.0/go.mod h1:3VXz4nCv6wH5SfgB3mlW39s+c+LetqSCjFj7xxPC5+M=
 github.com/grafana/grafana-plugin-sdk-go v0.114.0/go.mod h1:D7x3ah+1d4phNXpbnOaxa/osSaZlwh9/ZUnGGzegRbk=
-github.com/grafana/grafana-plugin-sdk-go v0.182.0 h1:UDhzFEXDeskgJi5uG/uHJc350vrQp1hi/Eg8KUFw5Io=
-github.com/grafana/grafana-plugin-sdk-go v0.182.0/go.mod h1:fPX9spPWEzyUg0BLTQbdXCCq7PVSJZGNVKfNpiTQUts=
+github.com/grafana/grafana-plugin-sdk-go v0.180.0 h1:+5aFolBj2H7ze7oejIUjrkmZ9lSydnsbo3e4Kn1CN1Y=
+github.com/grafana/grafana-plugin-sdk-go v0.180.0/go.mod h1:fPX9spPWEzyUg0BLTQbdXCCq7PVSJZGNVKfNpiTQUts=
 github.com/grafana/kindsys v0.0.0-20230508162304-452481b63482 h1:1YNoeIhii4UIIQpCPU+EXidnqf449d0C3ZntAEt4KSo=
 github.com/grafana/kindsys v0.0.0-20230508162304-452481b63482/go.mod h1:GNcfpy5+SY6RVbNGQW264gC0r336Dm+0zgQ5vt6+M8Y=
 github.com/grafana/prometheus-alertmanager v0.25.1-0.20230918083811-3513be6760b7 h1:7gsywzIb39SYZEp9qOnNaxD4d9OOkAfJGvnRUQUtlTM=
diff --git a/pkg/plugins/backendplugin/coreplugin/core_plugin.go b/pkg/plugins/backendplugin/coreplugin/core_plugin.go
index e57d730ab34..9bd67096738 100644
--- a/pkg/plugins/backendplugin/coreplugin/core_plugin.go
+++ b/pkg/plugins/backendplugin/coreplugin/core_plugin.go
@@ -76,7 +76,6 @@ func (cp *corePlugin) CollectMetrics(_ context.Context, _ *backend.CollectMetric
 
 func (cp *corePlugin) CheckHealth(ctx context.Context, req *backend.CheckHealthRequest) (*backend.CheckHealthResult, error) {
 	if cp.CheckHealthHandler != nil {
-		ctx = backend.WithGrafanaConfig(ctx, req.PluginContext.GrafanaConfig)
 		return cp.CheckHealthHandler.CheckHealth(ctx, req)
 	}
 
@@ -85,7 +84,6 @@ func (cp *corePlugin) CheckHealth(ctx context.Context, req *backend.CheckHealthR
 
 func (cp *corePlugin) QueryData(ctx context.Context, req *backend.QueryDataRequest) (*backend.QueryDataResponse, error) {
 	if cp.QueryDataHandler != nil {
-		ctx = backend.WithGrafanaConfig(ctx, req.PluginContext.GrafanaConfig)
 		return cp.QueryDataHandler.QueryData(ctx, req)
 	}
 
@@ -94,7 +92,6 @@ func (cp *corePlugin) QueryData(ctx context.Context, req *backend.QueryDataReque
 
 func (cp *corePlugin) CallResource(ctx context.Context, req *backend.CallResourceRequest, sender backend.CallResourceResponseSender) error {
 	if cp.CallResourceHandler != nil {
-		ctx = backend.WithGrafanaConfig(ctx, req.PluginContext.GrafanaConfig)
 		return cp.CallResourceHandler.CallResource(ctx, req, sender)
 	}
 
@@ -103,7 +100,6 @@ func (cp *corePlugin) CallResource(ctx context.Context, req *backend.CallResourc
 
 func (cp *corePlugin) SubscribeStream(ctx context.Context, req *backend.SubscribeStreamRequest) (*backend.SubscribeStreamResponse, error) {
 	if cp.StreamHandler != nil {
-		ctx = backend.WithGrafanaConfig(ctx, req.PluginContext.GrafanaConfig)
 		return cp.StreamHandler.SubscribeStream(ctx, req)
 	}
 	return nil, plugins.ErrMethodNotImplemented
@@ -111,7 +107,6 @@ func (cp *corePlugin) SubscribeStream(ctx context.Context, req *backend.Subscrib
 
 func (cp *corePlugin) PublishStream(ctx context.Context, req *backend.PublishStreamRequest) (*backend.PublishStreamResponse, error) {
 	if cp.StreamHandler != nil {
-		ctx = backend.WithGrafanaConfig(ctx, req.PluginContext.GrafanaConfig)
 		return cp.StreamHandler.PublishStream(ctx, req)
 	}
 	return nil, plugins.ErrMethodNotImplemented
@@ -119,7 +114,6 @@ func (cp *corePlugin) PublishStream(ctx context.Context, req *backend.PublishStr
 
 func (cp *corePlugin) RunStream(ctx context.Context, req *backend.RunStreamRequest, sender *backend.StreamSender) error {
 	if cp.StreamHandler != nil {
-		ctx = backend.WithGrafanaConfig(ctx, req.PluginContext.GrafanaConfig)
 		return cp.StreamHandler.RunStream(ctx, req, sender)
 	}
 	return plugins.ErrMethodNotImplemented
diff --git a/pkg/services/datasources/service/datasource.go b/pkg/services/datasources/service/datasource.go
index 3daaa5979e0..6761b71ceb0 100644
--- a/pkg/services/datasources/service/datasource.go
+++ b/pkg/services/datasources/service/datasource.go
@@ -485,13 +485,6 @@ func (s *Service) httpClientOptions(ctx context.Context, ds *datasources.DataSou
 				Username: ds.JsonData.Get("secureSocksProxyUsername").MustString(ds.UID),
 			},
 			Timeouts: &sdkproxy.DefaultTimeoutOptions,
-			ClientCfg: &sdkproxy.ClientCfg{
-				ClientCert:   s.cfg.SecureSocksDSProxy.ClientCert,
-				ClientKey:    s.cfg.SecureSocksDSProxy.ClientKey,
-				RootCA:       s.cfg.SecureSocksDSProxy.RootCA,
-				ProxyAddress: s.cfg.SecureSocksDSProxy.ProxyAddress,
-				ServerName:   s.cfg.SecureSocksDSProxy.ServerName,
-			},
 		}
 
 		if val, exists, err := s.DecryptedValue(ctx, ds, "secureSocksProxyPassword"); err == nil && exists {
diff --git a/pkg/setting/setting_secure_socks_proxy.go b/pkg/setting/setting_secure_socks_proxy.go
index 41689d4ef02..64700ec2199 100644
--- a/pkg/setting/setting_secure_socks_proxy.go
+++ b/pkg/setting/setting_secure_socks_proxy.go
@@ -3,6 +3,7 @@ package setting
 import (
 	"errors"
 
+	sdkproxy "github.com/grafana/grafana-plugin-sdk-go/backend/proxy"
 	"gopkg.in/ini.v1"
 )
 
@@ -42,5 +43,21 @@ func readSecureSocksDSProxySettings(iniFile *ini.File) (SecureSocksDSProxySettin
 		return s, errors.New("proxy address required")
 	}
 
+	setDefaultProxyCli(s)
+
 	return s, nil
 }
+
+// setDefaultProxyCli overrides the default proxy cli for the sdk
+//
+// Note: Not optimal changing global state, but hard to not do in this case.
+func setDefaultProxyCli(cfg SecureSocksDSProxySettings) {
+	sdkproxy.Cli = sdkproxy.NewWithCfg(&sdkproxy.ClientCfg{
+		Enabled:      cfg.Enabled,
+		ClientCert:   cfg.ClientCert,
+		ClientKey:    cfg.ClientKey,
+		ServerName:   cfg.ServerName,
+		RootCA:       cfg.RootCA,
+		ProxyAddress: cfg.ProxyAddress,
+	})
+}
diff --git a/pkg/tsdb/azuremonitor/azuremonitor.go b/pkg/tsdb/azuremonitor/azuremonitor.go
index 9cf434c2f73..ac94cb02842 100644
--- a/pkg/tsdb/azuremonitor/azuremonitor.go
+++ b/pkg/tsdb/azuremonitor/azuremonitor.go
@@ -63,9 +63,9 @@ type Service struct {
 	resourceHandler backend.CallResourceHandler
 }
 
-func getDatasourceService(ctx context.Context, settings *backend.DataSourceInstanceSettings, cfg *setting.Cfg, clientProvider *httpclient.Provider, dsInfo types.DatasourceInfo, routeName string) (types.DatasourceService, error) {
+func getDatasourceService(settings *backend.DataSourceInstanceSettings, cfg *setting.Cfg, clientProvider *httpclient.Provider, dsInfo types.DatasourceInfo, routeName string) (types.DatasourceService, error) {
 	route := dsInfo.Routes[routeName]
-	client, err := newHTTPClient(ctx, route, dsInfo, settings, cfg, clientProvider)
+	client, err := newHTTPClient(route, dsInfo, settings, cfg, clientProvider)
 	if err != nil {
 		return types.DatasourceService{}, err
 	}
@@ -76,7 +76,7 @@ func getDatasourceService(ctx context.Context, settings *backend.DataSourceInsta
 }
 
 func NewInstanceSettings(cfg *setting.Cfg, clientProvider *httpclient.Provider, executors map[string]azDatasourceExecutor) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
 		jsonDataObj := map[string]any{}
 		err := json.Unmarshal(settings.JSONData, &jsonDataObj)
 		if err != nil {
@@ -116,7 +116,7 @@ func NewInstanceSettings(cfg *setting.Cfg, clientProvider *httpclient.Provider,
 		}
 
 		for routeName := range executors {
-			service, err := getDatasourceService(ctx, &settings, cfg, clientProvider, model, routeName)
+			service, err := getDatasourceService(&settings, cfg, clientProvider, model, routeName)
 			if err != nil {
 				return nil, err
 			}
diff --git a/pkg/tsdb/azuremonitor/httpclient.go b/pkg/tsdb/azuremonitor/httpclient.go
index 7aef1b53e05..fbe1d3ed8aa 100644
--- a/pkg/tsdb/azuremonitor/httpclient.go
+++ b/pkg/tsdb/azuremonitor/httpclient.go
@@ -1,7 +1,6 @@
 package azuremonitor
 
 import (
-	"context"
 	"crypto/tls"
 	"fmt"
 	"net/http"
@@ -21,8 +20,8 @@ type Provider interface {
 	GetTLSConfig(...httpclient.Options) (*tls.Config, error)
 }
 
-func newHTTPClient(ctx context.Context, route types.AzRoute, model types.DatasourceInfo, settings *backend.DataSourceInstanceSettings, cfg *setting.Cfg, clientProvider Provider) (*http.Client, error) {
-	clientOpts, err := settings.HTTPClientOptions(ctx)
+func newHTTPClient(route types.AzRoute, model types.DatasourceInfo, settings *backend.DataSourceInstanceSettings, cfg *setting.Cfg, clientProvider Provider) (*http.Client, error) {
+	clientOpts, err := settings.HTTPClientOptions()
 	if err != nil {
 		return nil, fmt.Errorf("error getting HTTP options: %w", err)
 	}
diff --git a/pkg/tsdb/azuremonitor/httpclient_test.go b/pkg/tsdb/azuremonitor/httpclient_test.go
index 9cd4a41c0cc..c569cbc27b9 100644
--- a/pkg/tsdb/azuremonitor/httpclient_test.go
+++ b/pkg/tsdb/azuremonitor/httpclient_test.go
@@ -1,7 +1,6 @@
 package azuremonitor
 
 import (
-	"context"
 	"crypto/tls"
 	"encoding/json"
 	"net/http"
@@ -40,7 +39,7 @@ func TestHttpClient_AzureCredentials(t *testing.T) {
 			Scopes: []string{"https://management.azure.com/.default"},
 		}
 
-		_, err := newHTTPClient(context.Background(), route, model, settings, cfg, provider)
+		_, err := newHTTPClient(route, model, settings, cfg, provider)
 		require.NoError(t, err)
 
 		require.NotNil(t, provider.opts)
@@ -53,7 +52,7 @@ func TestHttpClient_AzureCredentials(t *testing.T) {
 			Scopes: []string{},
 		}
 
-		_, err := newHTTPClient(context.Background(), route, model, settings, cfg, provider)
+		_, err := newHTTPClient(route, model, settings, cfg, provider)
 		require.NoError(t, err)
 
 		assert.NotNil(t, provider.opts)
@@ -74,7 +73,7 @@ func TestHttpClient_AzureCredentials(t *testing.T) {
 			"GrafanaHeader": "GrafanaValue",
 			"AzureHeader":   "AzureValue",
 		}
-		_, err := newHTTPClient(context.Background(), route, model, settings, cfg, provider)
+		_, err := newHTTPClient(route, model, settings, cfg, provider)
 		require.NoError(t, err)
 
 		assert.NotNil(t, provider.opts)
diff --git a/pkg/tsdb/cloud-monitoring/cloudmonitoring.go b/pkg/tsdb/cloud-monitoring/cloudmonitoring.go
index cb63abd0ad6..9c1213c03c8 100644
--- a/pkg/tsdb/cloud-monitoring/cloudmonitoring.go
+++ b/pkg/tsdb/cloud-monitoring/cloudmonitoring.go
@@ -161,7 +161,7 @@ type datasourceService struct {
 }
 
 func newInstanceSettings(httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
 		var jsonData datasourceJSONData
 		err := json.Unmarshal(settings.JSONData, &jsonData)
 		if err != nil {
@@ -188,7 +188,7 @@ func newInstanceSettings(httpClientProvider httpclient.Provider) datasource.Inst
 			return nil, err
 		}
 
-		opts, err := settings.HTTPClientOptions(ctx)
+		opts, err := settings.HTTPClientOptions()
 		if err != nil {
 			return nil, err
 		}
diff --git a/pkg/tsdb/cloudwatch/cloudwatch.go b/pkg/tsdb/cloudwatch/cloudwatch.go
index 85a33992369..57f2605c129 100644
--- a/pkg/tsdb/cloudwatch/cloudwatch.go
+++ b/pkg/tsdb/cloudwatch/cloudwatch.go
@@ -89,13 +89,13 @@ func newExecutor(im instancemgmt.InstanceManager, cfg *setting.Cfg, sessions Ses
 }
 
 func NewInstanceSettings(httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
 		instanceSettings, err := models.LoadCloudWatchSettings(settings)
 		if err != nil {
 			return nil, fmt.Errorf("error reading settings: %w", err)
 		}
 
-		opts, err := settings.HTTPClientOptions(ctx)
+		opts, err := settings.HTTPClientOptions()
 		if err != nil {
 			return nil, err
 		}
diff --git a/pkg/tsdb/elasticsearch/elasticsearch.go b/pkg/tsdb/elasticsearch/elasticsearch.go
index cd25200b52d..4ea44a9f613 100644
--- a/pkg/tsdb/elasticsearch/elasticsearch.go
+++ b/pkg/tsdb/elasticsearch/elasticsearch.go
@@ -71,13 +71,13 @@ func queryData(ctx context.Context, queries []backend.DataQuery, dsInfo *es.Data
 }
 
 func newInstanceSettings(httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
 		jsonData := map[string]any{}
 		err := json.Unmarshal(settings.JSONData, &jsonData)
 		if err != nil {
 			return nil, fmt.Errorf("error reading settings: %w", err)
 		}
-		httpCliOpts, err := settings.HTTPClientOptions(ctx)
+		httpCliOpts, err := settings.HTTPClientOptions()
 		if err != nil {
 			return nil, fmt.Errorf("error getting http options: %w", err)
 		}
diff --git a/pkg/tsdb/grafana-pyroscope-datasource/instance.go b/pkg/tsdb/grafana-pyroscope-datasource/instance.go
index 58b97e19d08..35d20788370 100644
--- a/pkg/tsdb/grafana-pyroscope-datasource/instance.go
+++ b/pkg/tsdb/grafana-pyroscope-datasource/instance.go
@@ -42,8 +42,8 @@ type PyroscopeDatasource struct {
 }
 
 // NewPyroscopeDatasource creates a new datasource instance.
-func NewPyroscopeDatasource(ctx context.Context, httpClientProvider httpclient.Provider, settings backend.DataSourceInstanceSettings, ac accesscontrol.AccessControl) (instancemgmt.Instance, error) {
-	opt, err := settings.HTTPClientOptions(ctx)
+func NewPyroscopeDatasource(httpClientProvider httpclient.Provider, settings backend.DataSourceInstanceSettings, ac accesscontrol.AccessControl) (instancemgmt.Instance, error) {
+	opt, err := settings.HTTPClientOptions()
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/tsdb/grafana-pyroscope-datasource/service.go b/pkg/tsdb/grafana-pyroscope-datasource/service.go
index 23f3ace482a..e208372faac 100644
--- a/pkg/tsdb/grafana-pyroscope-datasource/service.go
+++ b/pkg/tsdb/grafana-pyroscope-datasource/service.go
@@ -49,8 +49,8 @@ func ProvideService(httpClientProvider httpclient.Provider, ac accesscontrol.Acc
 }
 
 func newInstanceSettings(httpClientProvider httpclient.Provider, ac accesscontrol.AccessControl) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
-		return NewPyroscopeDatasource(ctx, httpClientProvider, settings, ac)
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+		return NewPyroscopeDatasource(httpClientProvider, settings, ac)
 	}
 }
 
diff --git a/pkg/tsdb/graphite/graphite.go b/pkg/tsdb/graphite/graphite.go
index 33f038078d0..e4cbde617ad 100644
--- a/pkg/tsdb/graphite/graphite.go
+++ b/pkg/tsdb/graphite/graphite.go
@@ -55,8 +55,8 @@ type datasourceInfo struct {
 }
 
 func newInstanceSettings(httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
-		opts, err := settings.HTTPClientOptions(ctx)
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+		opts, err := settings.HTTPClientOptions()
 		if err != nil {
 			return nil, err
 		}
diff --git a/pkg/tsdb/influxdb/influxdb.go b/pkg/tsdb/influxdb/influxdb.go
index 9a03d5ddc8a..bf4eb0b6325 100644
--- a/pkg/tsdb/influxdb/influxdb.go
+++ b/pkg/tsdb/influxdb/influxdb.go
@@ -31,8 +31,8 @@ func ProvideService(httpClient httpclient.Provider) *Service {
 }
 
 func newInstanceSettings(httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
-		opts, err := settings.HTTPClientOptions(ctx)
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+		opts, err := settings.HTTPClientOptions()
 		if err != nil {
 			return nil, err
 		}
diff --git a/pkg/tsdb/loki/loki.go b/pkg/tsdb/loki/loki.go
index ceb5b1d08c7..e9a3af9a9d9 100644
--- a/pkg/tsdb/loki/loki.go
+++ b/pkg/tsdb/loki/loki.go
@@ -89,8 +89,8 @@ func parseQueryModel(raw json.RawMessage) (*QueryJSONModel, error) {
 }
 
 func newInstanceSettings(httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
-		opts, err := settings.HTTPClientOptions(ctx)
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+		opts, err := settings.HTTPClientOptions()
 		if err != nil {
 			return nil, err
 		}
diff --git a/pkg/tsdb/mssql/mssql.go b/pkg/tsdb/mssql/mssql.go
index df224eddc5a..2b2ad38c975 100644
--- a/pkg/tsdb/mssql/mssql.go
+++ b/pkg/tsdb/mssql/mssql.go
@@ -111,8 +111,8 @@ func newInstanceSettings(cfg *setting.Cfg) datasource.InstanceFactoryFunc {
 		}
 
 		// register a new proxy driver if the secure socks proxy is enabled
-		proxyOpts := proxyutil.GetSQLProxyOptions(cfg.SecureSocksDSProxy, dsInfo)
-		if sdkproxy.New(proxyOpts).SecureSocksProxyEnabled() {
+		proxyOpts := proxyutil.GetSQLProxyOptions(dsInfo)
+		if sdkproxy.Cli.SecureSocksProxyEnabled(proxyOpts) {
 			URL, err := ParseURL(dsInfo.URL)
 			if err != nil {
 				return nil, err
diff --git a/pkg/tsdb/mssql/proxy.go b/pkg/tsdb/mssql/proxy.go
index e76886abe74..d06c20eccc0 100644
--- a/pkg/tsdb/mssql/proxy.go
+++ b/pkg/tsdb/mssql/proxy.go
@@ -71,7 +71,7 @@ var _ core.Driver = (*mssqlProxyDriver)(nil)
 // newMSSQLProxyDriver updates the dialer for a mssql connector with a dialer that proxys connections through the secure socks proxy
 // and returns a new mssql driver to register
 func newMSSQLProxyDriver(connector *mssql.Connector, hostName string, opts *sdkproxy.Options) (*mssqlProxyDriver, error) {
-	dialer, err := sdkproxy.New(opts).NewSecureSocksProxyContextDialer()
+	dialer, err := sdkproxy.Cli.NewSecureSocksProxyContextDialer(opts)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/tsdb/mssql/proxy_test.go b/pkg/tsdb/mssql/proxy_test.go
index 3a81e1855f0..bd214a1ad78 100644
--- a/pkg/tsdb/mssql/proxy_test.go
+++ b/pkg/tsdb/mssql/proxy_test.go
@@ -5,7 +5,6 @@ import (
 	"fmt"
 	"testing"
 
-	"github.com/grafana/grafana/pkg/setting"
 	"github.com/grafana/grafana/pkg/tsdb/sqleng"
 	"github.com/grafana/grafana/pkg/tsdb/sqleng/proxyutil"
 	mssql "github.com/microsoft/go-mssqldb"
@@ -15,16 +14,8 @@ import (
 
 func TestMSSQLProxyDriver(t *testing.T) {
 	settings := proxyutil.SetupTestSecureSocksProxySettings(t)
-	proxySettings := setting.SecureSocksDSProxySettings{
-		Enabled:      true,
-		ClientCert:   settings.ClientCert,
-		ClientKey:    settings.ClientKey,
-		RootCA:       settings.RootCA,
-		ProxyAddress: settings.ProxyAddress,
-		ServerName:   settings.ServerName,
-	}
 	dialect := "mssql"
-	opts := proxyutil.GetSQLProxyOptions(proxySettings, sqleng.DataSourceInfo{UID: "1", JsonData: sqleng.JsonData{SecureDSProxy: true}})
+	opts := proxyutil.GetSQLProxyOptions(sqleng.DataSourceInfo{UID: "1", JsonData: sqleng.JsonData{SecureDSProxy: true}})
 	cnnstr := "server=127.0.0.1;port=1433;user id=sa;password=yourStrong(!)Password;database=db"
 	driverName, err := createMSSQLProxyDriver(cnnstr, "127.0.0.1", opts)
 	require.NoError(t, err)
diff --git a/pkg/tsdb/mysql/mysql.go b/pkg/tsdb/mysql/mysql.go
index e65e02ec225..a408b19bc0b 100644
--- a/pkg/tsdb/mysql/mysql.go
+++ b/pkg/tsdb/mysql/mysql.go
@@ -51,7 +51,7 @@ func ProvideService(cfg *setting.Cfg, httpClientProvider httpclient.Provider) *S
 }
 
 func newInstanceSettings(cfg *setting.Cfg, httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
 		jsonData := sqleng.JsonData{
 			MaxOpenConns:            cfg.SqlDatasourceMaxOpenConnsDefault,
 			MaxIdleConns:            cfg.SqlDatasourceMaxIdleConnsDefault,
@@ -87,8 +87,8 @@ func newInstanceSettings(cfg *setting.Cfg, httpClientProvider httpclient.Provide
 		}
 
 		// register the secure socks proxy dialer context, if enabled
-		proxyOpts := proxyutil.GetSQLProxyOptions(cfg.SecureSocksDSProxy, dsInfo)
-		if sdkproxy.New(proxyOpts).SecureSocksProxyEnabled() {
+		proxyOpts := proxyutil.GetSQLProxyOptions(dsInfo)
+		if sdkproxy.Cli.SecureSocksProxyEnabled(proxyOpts) {
 			// UID is only unique per org, the only way to ensure uniqueness is to do it by connection information
 			uniqueIdentifier := dsInfo.User + dsInfo.DecryptedSecureJSONData["password"] + dsInfo.URL + dsInfo.Database
 			protocol, err = registerProxyDialerContext(protocol, uniqueIdentifier, proxyOpts)
@@ -109,7 +109,7 @@ func newInstanceSettings(cfg *setting.Cfg, httpClientProvider httpclient.Provide
 			cnnstr += "&allowCleartextPasswords=true"
 		}
 
-		opts, err := settings.HTTPClientOptions(ctx)
+		opts, err := settings.HTTPClientOptions()
 		if err != nil {
 			return nil, err
 		}
diff --git a/pkg/tsdb/mysql/proxy.go b/pkg/tsdb/mysql/proxy.go
index 07dc58ad125..3ca495ef6a7 100644
--- a/pkg/tsdb/mysql/proxy.go
+++ b/pkg/tsdb/mysql/proxy.go
@@ -39,7 +39,7 @@ type mySQLContextDialer struct {
 
 // getProxyDialerContext returns a context dialer that will send the request through to the secure socks proxy
 func getProxyDialerContext(actualNetwork string, opts *sdkproxy.Options) (*mySQLContextDialer, error) {
-	dialer, err := sdkproxy.New(opts).NewSecureSocksProxyContextDialer()
+	dialer, err := sdkproxy.Cli.NewSecureSocksProxyContextDialer(opts)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/tsdb/mysql/proxy_test.go b/pkg/tsdb/mysql/proxy_test.go
index 3abffe93ebb..62514716319 100644
--- a/pkg/tsdb/mysql/proxy_test.go
+++ b/pkg/tsdb/mysql/proxy_test.go
@@ -6,7 +6,6 @@ import (
 	"testing"
 
 	"github.com/go-sql-driver/mysql"
-	"github.com/grafana/grafana/pkg/setting"
 	"github.com/grafana/grafana/pkg/tsdb/sqleng"
 	"github.com/grafana/grafana/pkg/tsdb/sqleng/proxyutil"
 	"github.com/stretchr/testify/require"
@@ -14,16 +13,9 @@ import (
 
 func TestMySQLProxyDialer(t *testing.T) {
 	settings := proxyutil.SetupTestSecureSocksProxySettings(t)
-	proxySettings := setting.SecureSocksDSProxySettings{
-		Enabled:      true,
-		ClientCert:   settings.ClientCert,
-		ClientKey:    settings.ClientKey,
-		RootCA:       settings.RootCA,
-		ProxyAddress: settings.ProxyAddress,
-		ServerName:   settings.ServerName,
-	}
+
 	protocol := "tcp"
-	opts := proxyutil.GetSQLProxyOptions(proxySettings, sqleng.DataSourceInfo{UID: "1", JsonData: sqleng.JsonData{SecureDSProxy: true}})
+	opts := proxyutil.GetSQLProxyOptions(sqleng.DataSourceInfo{UID: "1", JsonData: sqleng.JsonData{SecureDSProxy: true}})
 	dbURL := "localhost:5432"
 	network, err := registerProxyDialerContext(protocol, dbURL, opts)
 	require.NoError(t, err)
diff --git a/pkg/tsdb/opentsdb/opentsdb.go b/pkg/tsdb/opentsdb/opentsdb.go
index 8dbf3c8a712..504490a3cef 100644
--- a/pkg/tsdb/opentsdb/opentsdb.go
+++ b/pkg/tsdb/opentsdb/opentsdb.go
@@ -43,8 +43,8 @@ type datasourceInfo struct {
 type DsAccess string
 
 func newInstanceSettings(httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
-		opts, err := settings.HTTPClientOptions(ctx)
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+		opts, err := settings.HTTPClientOptions()
 		if err != nil {
 			return nil, err
 		}
diff --git a/pkg/tsdb/parca/plugin.go b/pkg/tsdb/parca/plugin.go
index 50bf3a233a9..0ca260aebe9 100644
--- a/pkg/tsdb/parca/plugin.go
+++ b/pkg/tsdb/parca/plugin.go
@@ -35,8 +35,8 @@ type ParcaDatasource struct {
 }
 
 // NewParcaDatasource creates a new datasource instance.
-func NewParcaDatasource(ctx context.Context, httpClientProvider httpclient.Provider, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
-	opt, err := settings.HTTPClientOptions(ctx)
+func NewParcaDatasource(httpClientProvider httpclient.Provider, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+	opt, err := settings.HTTPClientOptions()
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/tsdb/parca/service.go b/pkg/tsdb/parca/service.go
index b47b2ad7abf..08c71da0bfe 100644
--- a/pkg/tsdb/parca/service.go
+++ b/pkg/tsdb/parca/service.go
@@ -47,8 +47,8 @@ func ProvideService(httpClientProvider httpclient.Provider) *Service {
 }
 
 func newInstanceSettings(httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
-		return NewParcaDatasource(ctx, httpClientProvider, settings)
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+		return NewParcaDatasource(httpClientProvider, settings)
 	}
 }
 
diff --git a/pkg/tsdb/postgres/postgres.go b/pkg/tsdb/postgres/postgres.go
index b11daefa253..00952b28a3d 100644
--- a/pkg/tsdb/postgres/postgres.go
+++ b/pkg/tsdb/postgres/postgres.go
@@ -97,8 +97,8 @@ func (s *Service) newInstanceSettings(cfg *setting.Cfg) datasource.InstanceFacto
 
 		driverName := "postgres"
 		// register a proxy driver if the secure socks proxy is enabled
-		proxyOpts := proxyutil.GetSQLProxyOptions(cfg.SecureSocksDSProxy, dsInfo)
-		if sdkproxy.New(proxyOpts).SecureSocksProxyEnabled() {
+		proxyOpts := proxyutil.GetSQLProxyOptions(dsInfo)
+		if sdkproxy.Cli.SecureSocksProxyEnabled(proxyOpts) {
 			driverName, err = createPostgresProxyDriver(cnnstr, proxyOpts)
 			if err != nil {
 				return "", nil
diff --git a/pkg/tsdb/postgres/proxy.go b/pkg/tsdb/postgres/proxy.go
index f7ceaeb0237..fbe4f43a8e9 100644
--- a/pkg/tsdb/postgres/proxy.go
+++ b/pkg/tsdb/postgres/proxy.go
@@ -55,10 +55,10 @@ type postgresProxyDriver struct {
 var _ driver.DriverContext = (*postgresProxyDriver)(nil)
 var _ core.Driver = (*postgresProxyDriver)(nil)
 
-// newPostgresProxyDriver updates the dialer for a postgres connector with a dialer that proxies connections through the secure socks proxy
+// newPostgresProxyDriver updates the dialer for a postgres connector with a dialer that proxys connections through the secure socks proxy
 // and returns a new postgres driver to register
 func newPostgresProxyDriver(connector *pq.Connector, opts *sdkproxy.Options) (*postgresProxyDriver, error) {
-	dialer, err := sdkproxy.New(opts).NewSecureSocksProxyContextDialer()
+	dialer, err := sdkproxy.Cli.NewSecureSocksProxyContextDialer(opts)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/tsdb/postgres/proxy_test.go b/pkg/tsdb/postgres/proxy_test.go
index 7b4f12be518..819d8cc93b6 100644
--- a/pkg/tsdb/postgres/proxy_test.go
+++ b/pkg/tsdb/postgres/proxy_test.go
@@ -5,7 +5,6 @@ import (
 	"fmt"
 	"testing"
 
-	"github.com/grafana/grafana/pkg/setting"
 	"github.com/grafana/grafana/pkg/tsdb/sqleng"
 	"github.com/grafana/grafana/pkg/tsdb/sqleng/proxyutil"
 	"github.com/lib/pq"
@@ -15,16 +14,8 @@ import (
 
 func TestPostgresProxyDriver(t *testing.T) {
 	dialect := "postgres"
+	opts := proxyutil.GetSQLProxyOptions(sqleng.DataSourceInfo{UID: "1", JsonData: sqleng.JsonData{SecureDSProxy: true}})
 	settings := proxyutil.SetupTestSecureSocksProxySettings(t)
-	proxySettings := setting.SecureSocksDSProxySettings{
-		Enabled:      true,
-		ClientCert:   settings.ClientCert,
-		ClientKey:    settings.ClientKey,
-		RootCA:       settings.RootCA,
-		ProxyAddress: settings.ProxyAddress,
-		ServerName:   settings.ServerName,
-	}
-	opts := proxyutil.GetSQLProxyOptions(proxySettings, sqleng.DataSourceInfo{UID: "1", JsonData: sqleng.JsonData{SecureDSProxy: true}})
 	dbURL := "localhost:5432"
 	cnnstr := fmt.Sprintf("postgres://auser:password@%s/db?sslmode=disable", dbURL)
 	driverName, err := createPostgresProxyDriver(cnnstr, opts)
diff --git a/pkg/tsdb/prometheus/client/transport.go b/pkg/tsdb/prometheus/client/transport.go
index 0084daa52e8..2ec74ec72f7 100644
--- a/pkg/tsdb/prometheus/client/transport.go
+++ b/pkg/tsdb/prometheus/client/transport.go
@@ -1,7 +1,6 @@
 package client
 
 import (
-	"context"
 	"fmt"
 	"strings"
 
@@ -18,8 +17,8 @@ import (
 
 // CreateTransportOptions creates options for the http client. Probably should be shared and should not live in the
 // buffered package.
-func CreateTransportOptions(ctx context.Context, settings backend.DataSourceInstanceSettings, cfg *setting.Cfg, logger log.Logger) (*sdkhttpclient.Options, error) {
-	opts, err := settings.HTTPClientOptions(ctx)
+func CreateTransportOptions(settings backend.DataSourceInstanceSettings, cfg *setting.Cfg, logger log.Logger) (*sdkhttpclient.Options, error) {
+	opts, err := settings.HTTPClientOptions()
 	if err != nil {
 		return nil, fmt.Errorf("error getting HTTP options: %w", err)
 	}
diff --git a/pkg/tsdb/prometheus/client/transport_test.go b/pkg/tsdb/prometheus/client/transport_test.go
index f6be58c1cbd..67f0e92b49d 100644
--- a/pkg/tsdb/prometheus/client/transport_test.go
+++ b/pkg/tsdb/prometheus/client/transport_test.go
@@ -1,7 +1,6 @@
 package client
 
 import (
-	"context"
 	"testing"
 
 	"github.com/grafana/grafana-azure-sdk-go/azsettings"
@@ -22,7 +21,7 @@ func TestCreateTransportOptions(t *testing.T) {
 				"httpHeaderValue1": "bar",
 			},
 		}
-		opts, err := CreateTransportOptions(context.Background(), settings, &setting.Cfg{}, &logtest.Fake{})
+		opts, err := CreateTransportOptions(settings, &setting.Cfg{}, &logtest.Fake{})
 		require.NoError(t, err)
 		require.Equal(t, map[string]string{"foo": "bar"}, opts.Headers)
 		require.Equal(t, 2, len(opts.Middlewares))
@@ -39,7 +38,7 @@ func TestCreateTransportOptions(t *testing.T) {
 			}`),
 			DecryptedSecureJSONData: map[string]string{},
 		}
-		opts, err := CreateTransportOptions(context.Background(), settings, &setting.Cfg{AzureAuthEnabled: true, Azure: &azsettings.AzureSettings{}}, &logtest.Fake{})
+		opts, err := CreateTransportOptions(settings, &setting.Cfg{AzureAuthEnabled: true, Azure: &azsettings.AzureSettings{}}, &logtest.Fake{})
 		require.NoError(t, err)
 		require.Equal(t, 3, len(opts.Middlewares))
 	})
diff --git a/pkg/tsdb/prometheus/prometheus.go b/pkg/tsdb/prometheus/prometheus.go
index 8402ca5abab..8987b8f0c8b 100644
--- a/pkg/tsdb/prometheus/prometheus.go
+++ b/pkg/tsdb/prometheus/prometheus.go
@@ -46,9 +46,9 @@ func ProvideService(httpClientProvider httpclient.Provider, cfg *setting.Cfg, fe
 }
 
 func newInstanceSettings(httpClientProvider httpclient.Provider, cfg *setting.Cfg, features featuremgmt.FeatureToggles, tracer tracing.Tracer) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
 		// Creates a http roundTripper.
-		opts, err := client.CreateTransportOptions(ctx, settings, cfg, plog)
+		opts, err := client.CreateTransportOptions(settings, cfg, plog)
 		if err != nil {
 			return nil, fmt.Errorf("error creating transport options: %v", err)
 		}
diff --git a/pkg/tsdb/prometheus/querydata/request_test.go b/pkg/tsdb/prometheus/querydata/request_test.go
index faaad26620f..0ce04336061 100644
--- a/pkg/tsdb/prometheus/querydata/request_test.go
+++ b/pkg/tsdb/prometheus/querydata/request_test.go
@@ -445,7 +445,7 @@ func setup() (*testContext, error) {
 
 	features := &fakeFeatureToggles{flags: map[string]bool{"prometheusBufferedClient": false}}
 
-	opts, err := client.CreateTransportOptions(context.Background(), settings, &setting.Cfg{}, &logtest.Fake{})
+	opts, err := client.CreateTransportOptions(settings, &setting.Cfg{}, &logtest.Fake{})
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/tsdb/sqleng/proxyutil/proxy_test_util.go b/pkg/tsdb/sqleng/proxyutil/proxy_test_util.go
index 8b9783e1b37..a5e31263a01 100644
--- a/pkg/tsdb/sqleng/proxyutil/proxy_test_util.go
+++ b/pkg/tsdb/sqleng/proxyutil/proxy_test_util.go
@@ -100,6 +100,7 @@ func SetupTestSecureSocksProxySettings(t *testing.T) *sdkproxy.ClientCfg {
 	require.NoError(t, err)
 
 	settings := &sdkproxy.ClientCfg{
+		Enabled:      true,
 		ClientCert:   clientCert,
 		ClientKey:    clientKey,
 		RootCA:       rootCACert,
@@ -107,5 +108,6 @@ func SetupTestSecureSocksProxySettings(t *testing.T) *sdkproxy.ClientCfg {
 		ProxyAddress: proxyAddress,
 	}
 
+	sdkproxy.Cli = sdkproxy.NewWithCfg(settings)
 	return settings
 }
diff --git a/pkg/tsdb/sqleng/proxyutil/proxy_util.go b/pkg/tsdb/sqleng/proxyutil/proxy_util.go
index ce82abb9552..507988a277a 100644
--- a/pkg/tsdb/sqleng/proxyutil/proxy_util.go
+++ b/pkg/tsdb/sqleng/proxyutil/proxy_util.go
@@ -2,23 +2,15 @@ package proxyutil
 
 import (
 	sdkproxy "github.com/grafana/grafana-plugin-sdk-go/backend/proxy"
-	"github.com/grafana/grafana/pkg/setting"
 	"github.com/grafana/grafana/pkg/tsdb/sqleng"
 )
 
-func GetSQLProxyOptions(cfg setting.SecureSocksDSProxySettings, dsInfo sqleng.DataSourceInfo) *sdkproxy.Options {
+func GetSQLProxyOptions(dsInfo sqleng.DataSourceInfo) *sdkproxy.Options {
 	opts := &sdkproxy.Options{
-		Enabled: dsInfo.JsonData.SecureDSProxy && cfg.Enabled,
+		Enabled: dsInfo.JsonData.SecureDSProxy,
 		Auth: &sdkproxy.AuthOptions{
 			Username: dsInfo.UID,
 		},
-		ClientCfg: &sdkproxy.ClientCfg{
-			ClientCert:   cfg.ClientCert,
-			ClientKey:    cfg.ClientKey,
-			ServerName:   cfg.ServerName,
-			RootCA:       cfg.RootCA,
-			ProxyAddress: cfg.ProxyAddress,
-		},
 	}
 	if dsInfo.JsonData.SecureDSProxyUsername != "" {
 		opts.Auth.Username = dsInfo.JsonData.SecureDSProxyUsername
diff --git a/pkg/tsdb/tempo/tempo.go b/pkg/tsdb/tempo/tempo.go
index b4c924de285..7a75c70b689 100644
--- a/pkg/tsdb/tempo/tempo.go
+++ b/pkg/tsdb/tempo/tempo.go
@@ -33,8 +33,8 @@ type Datasource struct {
 }
 
 func newInstanceSettings(httpClientProvider httpclient.Provider) datasource.InstanceFactoryFunc {
-	return func(ctx context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
-		opts, err := settings.HTTPClientOptions(ctx)
+	return func(_ context.Context, settings backend.DataSourceInstanceSettings) (instancemgmt.Instance, error) {
+		opts, err := settings.HTTPClientOptions()
 		if err != nil {
 			return nil, err
 		}