// Get your service account's email address and private key from the JSON key file
$private_key = "-----BEGIN PRIVATE KEY-----...";
function create_custom_token($uid, $is_premium_account) {
global $service_account_email, $private_key;
"iss" => $service_account_email,
"sub" => $service_account_email,
"aud" => "https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit",
"exp" => $now_seconds+(60*60), // Maximum expiration time is one hour
"premium_account" => $is_premium_account
return JWT::encode($payload, $private_key, "RS256");