Hi @lfnunes, welcome to the Auth0 community.
By default, the JWT won’t contain information about the user’s permissions, however, that can be easily fixed, and there are two ways to go about it.
- Using scopes
- Using a permissions array
Here’s some information about how to enable it for your API:
https://auth0.com/docs/get-started/apis/enable-role-based-access-control-for-apis
If you work with scopes, user’s would have to consent for the specific scopes you use from your client application. If you simply use the option Add Permissions in the Access Token, all permissions available for the user will be added as part of the JWT as an array.
To inspect your JWT and see what information is available I recommend using: https://jwt.io/
Hope that helps.
Thanks!