Azure Active Directory and assigning permissions

I have struggled to find much on the following topic, I’m not sure how ppl are dealing with it.

The typical flow is an admin will assign a user access via roles, then the user will log in.

When using Auth0 with Azure AD and the roles are managed in Auth0 is that possible? It appears the user is not created until they attempt to log in.

Instead it seems I need to have the user log in, then the admin assign access, then the user login again. Alternatively I need to manage roles in Azure AD.

Are they any other options?

Another option I thought up was to create the user as a username/password user and assign access, then when they log in with AD have an account linking rule that merges the two accounts. Down side is email/name need to be manually entered unless I lookup AD directly.

Any updates on this?