X-Amz-Cf-Id
The HTTP X-Amz-Cf-Id response header is an unofficial, AWS-specific header containing an encrypted string uniquely identifying a request processed by Amazon CloudFront.
Note
The "X-" naming convention for HTTP headers, "X" referring to "experimental", has been deprecated and needs to be transitioned to the formal naming convention for HTTP headers.
Usage
CloudFront assigns a unique request identifier to every request passing through its network. This identifier is included in the X-Amz-Cf-Id response header sent back to the client, and is also forwarded to the origin server as part of the origin request.
The value is an opaque, Base64-encoded token with no
end-user meaning. Its primary purpose is request
tracing. When a delivery issue occurs, the request ID
allows AWS Support to locate the specific request in
CloudFront access logs, where the same value appears
under the x-edge-request-id field. Backend services
receiving the forwarded header are able to log the
value for end-to-end correlation across CloudFront and
origin infrastructure.
This header is added automatically by CloudFront and cannot be removed using response header policies.
Values
Encrypted request identifier
The value is a Base64-encoded encrypted string unique to each request. The string has no documented internal structure and is not intended for parsing or decoding by clients.
Example
A typical response from a CloudFront distribution
includes the request identifier as a Base64-encoded
string. The value has no readable meaning on its own.
Its purpose is to act as a lookup key when working with
AWS support or searching CloudFront access logs, where
the same value appears as the x-edge-request-id
field.
X-Amz-Cf-Id: rEZ41zHijmTaPJrLdiavv7oU8giHtH8HQXvabc2QPAly_Btvu5C2Dw
Each request generates a different identifier. Logging this value on the origin server allows correlating an origin request with the specific CloudFront edge request.
X-Amz-Cf-Id: f2wapYYeDsh4bHN65FtxmtNMPF_Zg5TqdmqbK8WHZ7Nl4-ErBHWncg
Takeaway
The X-Amz-Cf-Id header provides a unique request identifier assigned by CloudFront, used for troubleshooting and log correlation across CDN and origin infrastructure.