here explained the reason and cloudflare now supports it.
Hi Jat,
Thanks for your message, and welcome to deSEC! 
Our API actually has been supporting the use case you are describing. The limitation was only in the GUI input validation.
I committed a fix for this. We expect this to go into production some time this week soon.
Stay secure,
Peter