Firebase Authentication Istio using custom claims

Just a general question. Is it possible to implement Firebase Authentication Session Cookies with custom claims to verify individually route/API permissions from Istio ? I want to authenticate end users with social login using firebase auth. Ambassador API gateway solves this by checking status code from a custom backend auth service. Is it possible for Istio to manage this by itself ?

Firebase Session cookie

AFAIK, Istio supports mTLS and JWT authentications and cookie authentication is not currently supported.

Is it possible to proxy auth request to a separate service similar how Ambassador auth works ?