Hi @tkiddle,
Welcome to the Auth0 Community!
I understand you have questions about retrieving the user’s permissions from an ID Token when using Auth0’s React SDK.
Yes, this is the first step you will need to do and seems like you have already implemented a Rule to append the custom claims to the ID Token. In this case, the custom claims will include the user’s Roles and Permissions. Be careful when choosing your namespace identifier, and abide by the guidelines described here.
Next, you will want to use the useAuth0 hook from the Auth0 React SDK and call the getIdTokenClaims method.
This way, you avoid any expensive API calls or exceeding the Rate limit when using the Management API Get a User’s Permissions and Get a User’s Roles endpoints.
Please let me know if you need more clarification or have any questions. I’d be happy to help.
Thanks.