I need to get permissions added to my access token. So I enabled rbac on my api setting
For the authorization, I am using asp.net owin as instructed in this document Auth0 ASP.NET (OWIN) SDK Quickstarts: Login
I have set the audience
However, access token that I got when login didn’t contain my user permissions.
What should I change to get user permissions in my access token?
The access token payload you shared indicates that the request was done in the scope of a specific organization so can you double check that the user has permissions assigned to this API in the scope of that specific organization. I believe the user should have roles assigned in the scope of the organization that ensure that they get the adequate permission set in the scope of that organization.
If you assigned direct permissions to the user I believe this will only surface if you make a request NOT associated with an organization.