diff --git a/src/app-bridge/app-bridge.ts b/src/app-bridge/app-bridge.ts
index 9be7609..3a904e8 100644
--- a/src/app-bridge/app-bridge.ts
+++ b/src/app-bridge/app-bridge.ts
@@ -44,6 +44,7 @@ function eventStateReducer(state: AppBridgeState, event: Events) {
       /**
        * Event comes from API, so always assume it can be something not covered by TS
        */
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
       console.warn(`Invalid event received: ${(event as any)?.type}`);
       return state;
     }
diff --git a/src/app-bridge/events.ts b/src/app-bridge/events.ts
index e66c615..2413eb3 100644
--- a/src/app-bridge/events.ts
+++ b/src/app-bridge/events.ts
@@ -53,4 +53,4 @@ export type PayloadOfEvent<
   TEventType extends EventType,
   TEvent extends Events = Events
   // @ts-ignore TODO - why this is not working with this tsconfig? Fixme
-> = TEvent extends Event<TEventType, any> ? TEvent["payload"] : never;
+> = TEvent extends Event<TEventType, unknown> ? TEvent["payload"] : never;
diff --git a/src/headers.ts b/src/headers.ts
index fa43f3a..068f9cc 100644
--- a/src/headers.ts
+++ b/src/headers.ts
@@ -5,9 +5,14 @@ import {
   SALEOR_SIGNATURE_HEADER,
 } from "./const";
 
-export const getSaleorHeaders = (headers: { [name: string]: any }) => ({
-  domain: headers[SALEOR_DOMAIN_HEADER],
-  authorizationBearer: headers[SALEOR_AUTHORIZATION_BEARER_HEADER],
-  signature: headers[SALEOR_SIGNATURE_HEADER],
-  event: headers[SALEOR_EVENT_HEADER],
+const toStringOrUndefined = (value: string | string[] | undefined) =>
+  value ? value.toString() : undefined;
+
+export const getSaleorHeaders = (headers: {
+  [name: string]: string | string[] | undefined;
+}): Record<string, string | undefined> => ({
+  domain: toStringOrUndefined(headers[SALEOR_DOMAIN_HEADER]),
+  authorizationBearer: toStringOrUndefined(headers[SALEOR_AUTHORIZATION_BEARER_HEADER]),
+  signature: toStringOrUndefined(headers[SALEOR_SIGNATURE_HEADER]),
+  event: toStringOrUndefined(headers[SALEOR_EVENT_HEADER]),
 });
diff --git a/src/middleware/with-jwt-verified.ts b/src/middleware/with-jwt-verified.ts
index 062f0f2..9921e3f 100644
--- a/src/middleware/with-jwt-verified.ts
+++ b/src/middleware/with-jwt-verified.ts
@@ -2,7 +2,7 @@ import * as jose from "jose";
 import type { Middleware, Request } from "retes";
 import { Response } from "retes/response";
 
-import { SALEOR_AUTHORIZATION_BEARER_HEADER } from "../const";
+import { SALEOR_AUTHORIZATION_BEARER_HEADER, SALEOR_DOMAIN_HEADER } from "../const";
 import { getSaleorHeaders } from "../headers";
 import { getJwksUrl } from "../urls";
 
@@ -24,6 +24,13 @@ export const withJWTVerified =
       });
     }
 
+    if (domain === undefined) {
+      return Response.BadRequest({
+        success: false,
+        message: `${ERROR_MESSAGE} Missing ${SALEOR_DOMAIN_HEADER} header.`,
+      });
+    }
+
     let tokenClaims: DashboardTokenPayload;
     try {
       tokenClaims = jose.decodeJwt(token as string) as DashboardTokenPayload;
diff --git a/src/middleware/with-registered-saleor-domain-header.ts b/src/middleware/with-registered-saleor-domain-header.ts
index 86c7e04..70e1033 100644
--- a/src/middleware/with-registered-saleor-domain-header.ts
+++ b/src/middleware/with-registered-saleor-domain-header.ts
@@ -9,6 +9,12 @@ export const withRegisteredSaleorDomainHeader =
   (handler) =>
   async (request) => {
     const { domain: saleorDomain } = getSaleorHeaders(request.headers);
+    if (!saleorDomain) {
+      return Response.BadRequest({
+        success: false,
+        message: "Domain header missing.",
+      });
+    }
     const authData = await apl.get(saleorDomain);
     if (!authData) {
       return Response.Forbidden({
diff --git a/src/middleware/with-webhook-signature-verified.ts b/src/middleware/with-webhook-signature-verified.ts
index dc3c0d3..73406a2 100644
--- a/src/middleware/with-webhook-signature-verified.ts
+++ b/src/middleware/with-webhook-signature-verified.ts
@@ -3,7 +3,7 @@ import * as jose from "jose";
 import { Middleware } from "retes";
 import { Response } from "retes/response";
 
-import { SALEOR_SIGNATURE_HEADER } from "../const";
+import { SALEOR_DOMAIN_HEADER, SALEOR_SIGNATURE_HEADER } from "../const";
 import { getSaleorHeaders } from "../headers";
 import { getJwksUrl } from "../urls";
 
@@ -29,6 +29,13 @@ export const withWebhookSignatureVerified =
       });
     }
 
+    if (!saleorDomain) {
+      return Response.BadRequest({
+        success: false,
+        message: `${ERROR_MESSAGE} Missing ${SALEOR_DOMAIN_HEADER} header.`,
+      });
+    }
+
     if (secretKey !== undefined) {
       const calculatedSignature = crypto
         .createHmac("sha256", secretKey)