JWS Validation on Signed Proxy Redirect


I’m working on setting up a signed proxy redirect on my site indigologic-dev.netlify.app. (I’m currently working in deploy preview 28). The redirect appears to be working fine, but there is no X-Nf-Sign element in event.header and I’m not sure where to find the JWS signature to verify?

My netlify.toml looks like:
from = “/api/contactMail”
to = “/.netlify/functions/sendEmail”
status = 200
force = true

  from = "/*"
  to = "/index.html"
  status = 200

The headers that show in my function log (from console.log(event)) are

headers: {
accept: ‘/’,
‘accept-encoding’: ‘br, gzip’,
‘accept-language’: ‘en-US,en;q=0.9’,
‘client-ip’: ‘’,
connection: ‘keep-alive’,
‘content-length’: ‘0’,
‘content-type’: ‘application/json’,
forwarded: ‘for=;proto=https’,
host: ‘deploy-preview-28–indigologic-dev.netlify.app’,
origin: ‘https://deploy-preview-28--indigologic-dev.netlify.app’,
referer: ‘Indigo Logic’,
‘sec-fetch-dest’: ‘empty’,
‘sec-fetch-mode’: ‘cors’,
‘sec-fetch-site’: ‘same-origin’,
‘sec-gpc’: ‘1’,
‘user-agent’: ‘Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36’,
via: ‘http/1.1 Netlify[7e3845c9-c361-4dbe-9c49-0354a6899c96] (Netlify Edge Server)’,
‘x-bb-ab’: ‘0.274655’,
‘x-bb-client-request-uuid’: ‘f605a57a-2a0b-4cd4-9ee9-c8cad30b36a9’,
‘x-bb-ip’: ‘’,
‘x-bb-loop’: ‘1’,
‘x-cdn-domain’: ‘www.bitballoon.com’,
‘x-country’: ‘US’,
‘x-datadog-parent-id’: ‘8358442185749973012’,
‘x-datadog-trace-id’: ‘13591957236999180729’,
‘x-forwarded-for’: ‘,’,
‘x-forwarded-proto’: ‘https’,
‘x-language’: ‘en,en;q=0.9’,
‘x-nf-cache-gen’: ‘eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9Cg.eyJnZW4iOiI2MGJlNjk5MDk0MTEyZjAwMDc3YWY1YWE6MTYyMzA5MTY0NTgxNiJ9Cg.KRCmUhDK7Iu8eDfE2-ILXcMQiI_4HUeFzxkHxzk6JOw’,
‘x-nf-client-connection-ip’: ‘’,
‘x-nf-connection-proto’: ‘https’,
‘x-nf-request-id’: ‘f605a57a-2a0b-4cd4-9ee9-c8cad30b36a9’

The environment variable API_SIGNATURE_TOKEN is set in my deploy environment section, and I’m able to access it from my function. I just can’t find the jws from the signed redirect to verify. Can you help?

Thank you!

Hey there, @IndigoLogic :wave:

Welcome to the Netlify Forums! It looks like you have created two threads on the same topic. I am going to close this current thread, and leave this other thread open: Can't find JWS signature for signed proxy redirect. This will allow us to streamline support and conversations.

Thanks for understanding!