Firebase provides a client sdk for web and an admin sdk for backend server to create a user session. In a microservices architecture based cloud application, do we have to create a custom token at the server side when a user tries to log into our system and then allow the client using java-script based client sdk to create another id-token with the custom token for continuing the client interaction within that session ?
Why do we need two tokens i.e Custom Token(Admin SDK) and Id Token(Client SDK) for user authentication ?