Ah, looks like I missed a trick in my thing.
Yeah, but this does imply that we have to be able to validate the JWT with both the current key and the previous key.
Yeah, so I’d avoid having that if it’s so bespoke - at least in a first cut, if loads of users want more firebase support, then go for it, but in a first version, we need the max age in the settings to accomodate more cases, so don’t complicate things.