I have managed this by just making HTTP requests from within my rule - not relying on the auth0 node client. You do need to get a new token that has the appropriate grants. See my responses in the other thread with some example code.