After reading @DazWilkin's replies, I ended up realizing that what I'm trying to do is really not a good solution. So after a bit more tinkering I finally got Signed URLs to work on my backend by using a service account and creating a service account key, which can then be used to create signed URLs on the backend.

//using expressjs

const {Storage} = require('@google-cloud/storage');
const storage = new Storage({
  projectId:"your-project",
  keyFilename:"./key-location.json"
});   

router.post("/returnSignedUrl", async (req, res) => {
    console.log('/returnSignedUrl', req.body)

    let a = req.body.data

    const options = {
      version: 'v4',
      action: 'read',
      expires: Date.now() + 15 * 60 * 1000 // 15 minutes
    };

    // Get a v4 signed URL for reading the file
    const [url] = await storage
      .bucket(a.bucket)
      .file(a.filename)
      .getSignedUrl(options).catch((err)=> console.log(err));

      console.log(url)
    res.send(url)
});

Anyway, it works now. If anyone else wants to figure out how to answer my original question, the API response is a valid UTF8 based on this package. I just never figured out how to properly convert that into a blob or something downloadable.