SourceMap header not relating code artifact to sourcemap in release

I’m trying to enable sourcemaps for Sentry errors without exposing the sourcemaps to our end users. To that end, I produce the sourcemaps without attaching a #sourceMappingURL reference to the minified file and upload the artifacts to a Sentry release at build time.

The docs mention adding a ‘SourceMap’ header to the release files request. Here’s one variation of these requests that I attempted without success.

curl https://sentry.io/api/0/projects/myorg/myproj/releases/1.0/files/ \
    -X POST \
    -H 'Authorization: Bearer {token}' \
    -H 'SourceMap: app.min.js.map' \
    -F file=@app.min.js \
    -F name="~/scripts/app.min.js" \

curl https://sentry.io/api/0/projects/myorg/myproj/releases/1.0/files/ \
    -X POST \
    -H 'Authorization: Bearer {token}' \
    -F file=@app.min.js.map \
    -F name="app.min.js.map" \

It’s not clear to me what the value of the SourceMap header should represent. The name of the sourcemap artifact?

Any guidance on this would be appreciated. The documentation around the SourceMap header seems thin.