Better API errors with the Problem Details standard
Firebase JWT tokens are a little unusual because they don't use secrets or JWKS but have public X509 certs