diff --git a/Cargo.toml b/Cargo.toml
index 447874c..9acab9b 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -5,5 +5,6 @@ members = [
     "lib",
     "examples/get_users",
     "examples/verify_token",
-    "examples/clear_emulator"
+    "examples/clear_emulator",
+    "examples/cookies"
 ]
\ No newline at end of file
diff --git a/examples/clear_emulator/Cargo.toml b/examples/clear_emulator/Cargo.toml
index c3ac4d5..b18207b 100644
--- a/examples/clear_emulator/Cargo.toml
+++ b/examples/clear_emulator/Cargo.toml
@@ -7,4 +7,4 @@ edition = "2024"
 
 [dependencies]
 rs-firebase-admin-sdk = { path = "../../lib" }
-tokio = { version = "1.48", features = ["macros", "rt-multi-thread"] }
\ No newline at end of file
+tokio = { version = "1.49", features = ["macros", "rt-multi-thread"] }
\ No newline at end of file
diff --git a/examples/cookies/Cargo.toml b/examples/cookies/Cargo.toml
new file mode 100644
index 0000000..da25130
--- /dev/null
+++ b/examples/cookies/Cargo.toml
@@ -0,0 +1,9 @@
+[package]
+name = "cookies"
+version = "0.1.0"
+edition = "2024"
+
+[dependencies]
+rs-firebase-admin-sdk = { path = "../../lib" }
+time = { version = "0.3" }
+tokio = { version = "1.49", features = ["macros", "rt-multi-thread"] }
\ No newline at end of file
diff --git a/examples/cookies/src/main.rs b/examples/cookies/src/main.rs
new file mode 100644
index 0000000..5e30a52
--- /dev/null
+++ b/examples/cookies/src/main.rs
@@ -0,0 +1,17 @@
+use rs_firebase_admin_sdk::{App, auth::FirebaseAuthService, jwt::TokenValidator};
+use time::Duration;
+
+#[tokio::main]
+async fn main() {
+    let oidc_token = std::env::var("ID_TOKEN").unwrap();
+    let live_app = App::live().await.unwrap();
+    let cookie = live_app
+        .auth()
+        .create_session_cookie(oidc_token, Duration::seconds(60 * 60))
+        .await
+        .unwrap();
+
+    let live_cookie_validator = live_app.cookie_token_verifier().await.unwrap();
+
+    live_cookie_validator.validate(&cookie).await.unwrap();
+}
diff --git a/examples/get_users/Cargo.toml b/examples/get_users/Cargo.toml
index 37763ef..6e95fa1 100644
--- a/examples/get_users/Cargo.toml
+++ b/examples/get_users/Cargo.toml
@@ -7,4 +7,4 @@ edition = "2024"
 
 [dependencies]
 rs-firebase-admin-sdk = { path = "../../lib" }
-tokio = { version = "1.48", features = ["macros", "rt-multi-thread"] }
\ No newline at end of file
+tokio = { version = "1.49", features = ["macros", "rt-multi-thread"] }
\ No newline at end of file
diff --git a/examples/verify_token/Cargo.toml b/examples/verify_token/Cargo.toml
index 66a29e1..3d08951 100644
--- a/examples/verify_token/Cargo.toml
+++ b/examples/verify_token/Cargo.toml
@@ -7,4 +7,4 @@ edition = "2024"
 
 [dependencies]
 rs-firebase-admin-sdk = { path = "../../lib", features = ["tokens"] }
-tokio = { version = "1.48", features = ["macros", "rt-multi-thread"] }
\ No newline at end of file
+tokio = { version = "1.49", features = ["macros", "rt-multi-thread"] }
\ No newline at end of file
diff --git a/lib/Cargo.toml b/lib/Cargo.toml
index 85d4841..1a2acd8 100644
--- a/lib/Cargo.toml
+++ b/lib/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "rs-firebase-admin-sdk"
-version = "4.1.1"
+version = "4.2.0"
 rust-version = "1.88"
 edition = "2024"
 authors = ["Kostas Petrikas"]
@@ -19,22 +19,22 @@ rustls-tls = ["reqwest/rustls-tls"]
 tokens = ["dep:jsonwebtoken", "dep:jsonwebtoken-jwks-cache"]
 
 [dependencies]
-tokio = { version = "1.48", features = ["sync"], default-features = false }
+tokio = { version = "1.49", features = ["sync"], default-features = false }
 error-stack = "0.6"
 thiserror = "2.0"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
-http = "1.3"
+http = "1.4"
 headers = "0.4"
 reqwest = { version = "0.12", features = ["charset", "json"], default-features = false }
 urlencoding = "2.1"
 bytes = "1"
-google-cloud-auth = "1.3"
+google-cloud-auth = "1.4"
 time = { version = "0.3", features = ["serde"] }
 base64 = "0.22"
 jsonwebtoken = { version = "10.2", optional = true }
-jsonwebtoken-jwks-cache = { version = "0.1", optional = true }
+jsonwebtoken-jwks-cache = { version = "0.2", optional = true }
 
 [dev-dependencies]
-tokio = { version = "1.48", features = ["macros", "rt-multi-thread"] }
+tokio = { version = "1.49", features = ["macros", "rt-multi-thread"] }
 serial_test = "3.2"
diff --git a/lib/src/jwt/mod.rs b/lib/src/jwt/mod.rs
index 8f5e68e..be1d310 100644
--- a/lib/src/jwt/mod.rs
+++ b/lib/src/jwt/mod.rs
@@ -10,6 +10,8 @@ use thiserror::Error;
 
 const GOOGLE_JWKS_URI: &str =
     "https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com";
+const GOOGLE_PKEYS_URI: &str =
+    "https://www.googleapis.com/identitytoolkit/v3/relyingparty/publicKeys";
 const GOOGLE_ID_TOKEN_ISSUER_PREFIX: &str = "https://securetoken.google.com/";
 const GOOGLE_COOKIE_ISSUER_PREFIX: &str = "https://session.firebase.google.com/";
 
@@ -55,9 +57,9 @@ impl LiveValidator {
         Ok(Self {
             issuer: format!("{GOOGLE_COOKIE_ISSUER_PREFIX}{project_id}"),
             project_id,
-            jwks: CachedJWKS::new(
+            jwks: CachedJWKS::new_rsa_pkeys(
                 // should always succeed
-                GOOGLE_JWKS_URI.parse().unwrap(),
+                GOOGLE_PKEYS_URI.parse().unwrap(),
                 Duration::from_secs(60),
                 TimeoutSpec::default(),
             )?,