Thank you for your reply.
Login required error is expected when using the
getTokenSilently method when there isn’t an authenticated user. In silent authentication, the “login required” error is thrown when the user’s browser does not or cannot send the “Auth0” cookie. This cookie identifies the user’s logged-in session with Auth0 and resides on the client’s browser.
In this case, you’ll need to initiate the authentication process again.
As for your Rule, it is correct for appending custom claims to tokens and should work.
Please let me know if there’s anything else I can do to help.