I understand you have questions about retrieving the user’s permissions from an ID Token when using Auth0’s React SDK.
Yes, this is the first step you will need to do and seems like you have already implemented a Rule to append the custom claims to the ID Token. In this case, the custom claims will include the user’s Roles and Permissions. Be careful when choosing your namespace identifier, and abide by the guidelines described here.
Next, you will want to use the useAuth0 hook from the Auth0 React SDK and call the getIdTokenClaims method.