I have created two projects from https://console.firebase.google.com/ in one email account and another project from another email account. And configured to use android and google authentication login. This works perfectly when I copied the google-services.json in to the android project. I've done this for all 3 firebase projects and the backend verifies all 3 tokens successfully using method FirebaseAuth.getInstance().verifyIdToken(idToken)
I downloaded the googleservicekey.json to backend from one of the projects.
My question is why FirebaseAuth.getInstance().verifyIdToken(idToken) verifies all the tokens not just the particular project token ? what am I missing here ?
All the jwts generated by the projects has the same "kid": "" (these jwts are returned by the firebase googlelogin in android)
thanks for the comments but it looks like the problem was to do with the build cache. even though Ive changed the google-services.json file running the project was still using the old json file, so I had to clean and build and it worked. thanks