• You have Cloudfalre Zero Trust and you are on the free account.
  • Your home/office IP is not static.
  • You cannot log into Cloudflare Zero Trust all the time to update the IP address.


Cloudflare has an extensive list of APIs available to do just about anything. We are interested in this API:

Step 1: Create an API Key and grab your Account ID

You can click on any of your domain names and create an API key that has Zero Trust Read and Edit permissions.

Account ID and API Key
Zero Trust read and Edit

Step 2: Get a list of Zero Trust Gateway Locations

curl --location '{{account_id}}/gateway/locations' \
--header 'Authorization: Bearer {{api_key}}'

Your response will look something like this. The first “id” is your Zero Trust location.

List zero trust location response

Step 3: Update the IP address

Here you can get creative. For example, you can use dig or some other tool to periodically check your local IP address and compare it to what you have configured in your Zero Trust. This can be automated.

Should your IP change, you can update it using this API call:

curl --location --request PUT '{{account_id}}/gateway/locations/{{zone_id}}' \
--header 'Authorization: Bearer {{api_key}}' \
--header 'Content-Type: application/json' \
--data '{
    "client_default": true,
    "ecs_support": false,
    "name": "Home",
    "networks": [
            "network": ""

You will notice there is a bug in the Cloudflare API documentation in their “networks” key for this call. This post explains it: