Skip to content
Cloudflare API
Start here
API Reference
Network Interconnects

CNIs

List existing CNI objects
GET/accounts/{account_id}/cni/cnis
Get information about a CNI object
GET/accounts/{account_id}/cni/cnis/{cni}
Create a new CNI object
POST/accounts/{account_id}/cni/cnis
Modify stored information about a CNI object
PUT/accounts/{account_id}/cni/cnis/{cni}
Delete a specified CNI object
DELETE/accounts/{account_id}/cni/cnis/{cni}
ModelsExpand Collapse
CNIListResponse = object { items, next }
items: array of object { id, account, cust_ip, 4 more }
id: string
formatuuid
account: string

Customer account tag

cust_ip: string

Customer end of the point-to-point link

This should always be inside the same prefix as p2p_ip.

formatA.B.C.D/N
interconnect: string

Interconnect identifier hosting this CNI

magic: object { conduit_name, description, mtu }
conduit_name: string
description: string
mtu: number
formatint32
minimum0
p2p_ip: string

Cloudflare end of the point-to-point link

formatA.B.C.D/N
bgp: optional object { customer_asn, extra_prefixes, md5_key }
customer_asn: number

ASN used on the customer end of the BGP session

formatint32
minimum0
extra_prefixes: array of string

Extra set of static prefixes to advertise to the customer's end of the session

md5_key: optional string

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

  • ASCII alphanumerics: [a-zA-Z0-9]
  • Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.

CNIGetResponse = object { id, account, cust_ip, 4 more }
id: string
formatuuid
account: string

Customer account tag

cust_ip: string

Customer end of the point-to-point link

This should always be inside the same prefix as p2p_ip.

formatA.B.C.D/N
interconnect: string

Interconnect identifier hosting this CNI

magic: object { conduit_name, description, mtu }
conduit_name: string
description: string
mtu: number
formatint32
minimum0
p2p_ip: string

Cloudflare end of the point-to-point link

formatA.B.C.D/N
bgp: optional object { customer_asn, extra_prefixes, md5_key }
customer_asn: number

ASN used on the customer end of the BGP session

formatint32
minimum0
extra_prefixes: array of string

Extra set of static prefixes to advertise to the customer's end of the session

md5_key: optional string

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

  • ASCII alphanumerics: [a-zA-Z0-9]
  • Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.

CNICreateResponse = object { id, account, cust_ip, 4 more }
id: string
formatuuid
account: string

Customer account tag

cust_ip: string

Customer end of the point-to-point link

This should always be inside the same prefix as p2p_ip.

formatA.B.C.D/N
interconnect: string

Interconnect identifier hosting this CNI

magic: object { conduit_name, description, mtu }
conduit_name: string
description: string
mtu: number
formatint32
minimum0
p2p_ip: string

Cloudflare end of the point-to-point link

formatA.B.C.D/N
bgp: optional object { customer_asn, extra_prefixes, md5_key }
customer_asn: number

ASN used on the customer end of the BGP session

formatint32
minimum0
extra_prefixes: array of string

Extra set of static prefixes to advertise to the customer's end of the session

md5_key: optional string

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

  • ASCII alphanumerics: [a-zA-Z0-9]
  • Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.

CNIUpdateResponse = object { id, account, cust_ip, 4 more }
id: string
formatuuid
account: string

Customer account tag

cust_ip: string

Customer end of the point-to-point link

This should always be inside the same prefix as p2p_ip.

formatA.B.C.D/N
interconnect: string

Interconnect identifier hosting this CNI

magic: object { conduit_name, description, mtu }
conduit_name: string
description: string
mtu: number
formatint32
minimum0
p2p_ip: string

Cloudflare end of the point-to-point link

formatA.B.C.D/N
bgp: optional object { customer_asn, extra_prefixes, md5_key }
customer_asn: number

ASN used on the customer end of the BGP session

formatint32
minimum0
extra_prefixes: array of string

Extra set of static prefixes to advertise to the customer's end of the session

md5_key: optional string

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

  • ASCII alphanumerics: [a-zA-Z0-9]
  • Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.