User Context in JWT when sending request to Jira API

Hi,
I am making a Jira Plugin, and I am testing my plugin. On my Jira I have two projects Project1 and Project2 and as the owner of the Jira i have access to both, but a different user(my friend) only has access to Project2. When I upload the plugin on Jira I get all the data when the /installed endpoint is made and i create a JWT and everything works fine. But the issue is when we retrieve all the projects both me and my friend the other user get two projects returned. I want Jira to return to him only Project2 the project he is a part of. When i build my JWT i use this

  jwt_token = atlassian_jwt.encode_token(
      "GET",
      url=data.baseUrl.strip("/") + "/rest/api/3/project/search",
      clientKey=data.key,
      sharedSecret=data.sharedSecret
  )

I also tried adding my friends accountId as ‘sub’ in the JWT payload but it still returns two Projects. Help would be really appreciated.