Setup
You can control Aegis enablement on your zones via API. If you are not familiar with how Cloudflare API works, refer to Fundamentals.
- The Aegis zone setting endpoint is only available within Cloudflare accounts that own leased IPs, or accounts to which a BYOIP prefix has been delegated. If you wish to use Aegis for zones that do not meet this criteria, contact your account team.
- Each Aegis pool can consist of either IPs from a BYOIP prefix or Cloudflare-leased IPs. A single dedicated egress pool cannot contain both BYOIPs and leased IPs.
- Contact your account team to get the ID for your dedicated egress pool.
- Make a PATCHrequest to the Edit Zone Setting endpoint:
- Specify aegisas the setting ID in the URL.
- In the request body, set enabledtotrueand use the ID from the previous step aspool_id.
Required API token permissions
 
At least one of the following token permissions 
is required:
- Zone Settings Write
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/settings/aegis" \  --request PATCH \  --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \  --json '{    "id": "aegis",    "value": {        "enabled": true,        "pool_id": "<YOUR_EGRESS_POOL_ID>"    }  }'A list of your leased Aegis IPs (dedicated IPs for CDN egress) is available on the dashboard under IP addresses > Leased IPs ↗.
If you are using BYOIP, refer to IP addresses > BYOIP prefixes ↗ instead.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Directory
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- © 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark
-