Create a URL rewrite rule via API
Use the Rulesets API to create URL Rewrite Rules via API. Refer to the Rules examples gallery for common use cases.
If you are using Terraform, refer to Transform Rules configuration using Terraform.
When creating a URL rewrite rule via API, make sure you:
- Set the rule action to
rewrite. - Define the URL rewrite parameters in the
action_parametersfield according to the type of URL rewrite (static or dynamic). - Deploy the rule to the
http_request_transformphase at the zone level.
Follow this workflow to create a URL rewrite rule for a given zone via API:
-
Use the List zone rulesets operation to check if there is already a ruleset for the
http_request_transformphase at the zone level. -
If the phase ruleset does not exist, create it using the Create a zone ruleset operation. In the new ruleset properties, set the following values:
- kind:
zone - phase:
http_request_transform
- kind:
-
Use the Update a zone ruleset operation to add a URL rewrite rule to the list of ruleset rules. Alternatively, include the rule in the Create a zone ruleset request mentioned in the previous step.
Make sure your API token has the required permissions to perform the API operations.
Example: Add a rule that performs a static URL rewrite
The following example sets the rules of an existing phase ruleset ($RULESET_ID) to a single URL rewrite rule — performing a static rewrite of the URI path — using the Update a zone ruleset operation. The response will contain the complete definition of the ruleset you updated.
Required API token permissions
At least one of the following token permissions
is required:
Response Compression WriteConfig Settings WriteDynamic URL Redirects WriteCache Settings WriteCustom Errors WriteOrigin WriteManaged headers WriteZone Transform Rules WriteMass URL Redirects WriteMagic Firewall WriteL4 DDoS Managed Ruleset WriteHTTP DDoS Managed Ruleset WriteSanitize WriteTransform Rules WriteSelect Configuration WriteBot Management WriteZone WAF WriteAccount WAF WriteAccount Rulesets WriteLogs WriteLogs Write
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/rulesets/$RULESET_ID" \ --request PUT \ --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ --json '{ "rules": [ { "expression": "(http.request.uri.query contains \"eu\")", "description": "My first static URL rewrite rule", "action": "rewrite", "action_parameters": { "uri": { "path": { "value": "/emea.html" } } } } ] }'{ "result": { "id": "<RULESET_ID>", "name": "Zone-level Transform Ruleset", "description": "Zone-level ruleset that will execute Transform Rules.", "kind": "zone", "version": "2", "rules": [ { "id": "<RULE_ID>", "version": "1", "action": "rewrite", "action_parameters": { "uri": { "path": { "value": "/emea.html" } } }, "expression": "(http.request.uri.query contains \"eu\")", "description": "My first static URL rewrite rule", "last_updated": "2021-04-14T14:42:04.219025Z", "ref": "<RULE_REF>" } ], "last_updated": "2021-04-14T14:42:04.219025Z", "phase": "http_request_transform" }, "success": true, "errors": [], "messages": []}Example: Add a rule that performs a dynamic URL rewrite
The following example sets the rules of an existing phase ruleset ($RULESET_ID) to a single URL rewrite rule — performing a dynamic rewrite of the URI path — using the Update a zone ruleset operation. The response will contain the complete definition of the ruleset you updated.
Required API token permissions
At least one of the following token permissions
is required:
Response Compression WriteConfig Settings WriteDynamic URL Redirects WriteCache Settings WriteCustom Errors WriteOrigin WriteManaged headers WriteZone Transform Rules WriteMass URL Redirects WriteMagic Firewall WriteL4 DDoS Managed Ruleset WriteHTTP DDoS Managed Ruleset WriteSanitize WriteTransform Rules WriteSelect Configuration WriteBot Management WriteZone WAF WriteAccount WAF WriteAccount Rulesets WriteLogs WriteLogs Write
curl "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/rulesets/$RULESET_ID" \ --request PUT \ --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ --json '{ "rules": [ { "expression": "starts_with(http.request.uri.path, \"/news/2012/\")", "description": "My first dynamic URL rewrite rule", "action": "rewrite", "action_parameters": { "uri": { "path": { "expression": "concat(\"/archive\", http.request.uri.path)" } } } } ] }'{ "result": { "id": "<RULESET_ID>", "name": "Zone-level Transform Ruleset", "description": "Zone-level ruleset that will execute Transform Rules.", "kind": "zone", "version": "2", "rules": [ { "id": "<RULE_ID>", "version": "1", "action": "rewrite", "action_parameters": { "uri": { "path": { "expression": "concat(\"/archive\", http.request.uri.path)" } } }, "expression": "starts_with(http.request.uri.path, \"/news/2012/\")", "description": "My first dynamic URL rewrite rule", "last_updated": "2021-04-14T14:42:04.219025Z", "ref": "<RULE_REF>" } ], "last_updated": "2021-04-14T14:42:04.219025Z", "phase": "http_request_transform" }, "success": true, "errors": [], "messages": []}The API token used in API requests to manage URL Rewrite Rules must have at least the following permissions:
- Account > Transform Rules > Edit
- Account > Account Rulesets > Read
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark