Secure Netlify Functions

Is there a way to secure Netlify functions in such a way that only the site itself can access them? I’m building a B2B SaaS and one of the requirements of the project is that each customer must have its own database and the users of each customer must be stored and authenticated in/from that database (which means I can’t use Netlify identity). To do this, I created a Netlify lambda function that creates a skeleton database off of a pre-built schema when the customer signs up. However, I need to secure this function so that only the application and no one/nothing else can access and use it. Does anyone have any idea?

Thank you kindly!


Hey @tysonalcorn,
Our signed proxy redirects should work this. Here’s a thread discussing them:

And our docs on them:

Let us know if that helps or if you have any other questions!

Hi Jen! It’s not clear to me how signed proxy redirects help here. I read through the documentation and I’m still confused. I have a basic Netlify function but I only want my site to be able to access it. How can I do that?

I found How to apply Access Control for Netlify Functions?, I think this is what I’m looking for.