## Patch Auto-Origin TLS KEX enrollment status for the given zone

`ssl.auto_origin_tls_kex.edit(AutoOriginTLSKexEditParams**kwargs)  -> AutoOriginTLSKexEditResponse`

**patch** `/zones/{zone_id}/settings/auto_origin_tls_kex`

Enable or disable Auto-Origin TLS KEX selection for the zone by sending `{"enabled": true}` or `{"enabled": false}`. When enabled, Cloudflare runs a periodic scan of the zone's origins to determine the preferred key-exchange algorithm and writes that preference to the edge so it is sent first in the TLS ClientHello to the origin.

### Parameters

- `zone_id: str`

- `enabled: bool`

  Controls enablement of Auto-Origin TLS KEX selection for the zone.

### Returns

- `class AutoOriginTLSKexEditResponse: …`

  - `id: str`

  - `enabled: bool`

    Whether Auto-Origin TLS KEX selection is enabled for the zone.

  - `modified_on: datetime`

    Last time this setting was modified.

### Example

```python
import os
from cloudflare import Cloudflare

client = Cloudflare(
    api_token=os.environ.get("CLOUDFLARE_API_TOKEN"),  # This is the default and can be omitted
)
response = client.ssl.auto_origin_tls_kex.edit(
    zone_id="023e105f4ecef8ad9ca31a8372d0c353",
    enabled=True,
)
print(response.id)
```

#### Response

```json
{
  "errors": [],
  "messages": [],
  "result": {
    "enabled": false,
    "id": "auto_origin_tls_kex",
    "modified_on": "2014-01-01T05:20:00.12345Z"
  },
  "success": true
}
```