Hi Jon,
In the provided code, the namespace is used as a prefix for custom claim types, and it doesn’t perform any validation. It’s simply a string that acts as a unique identifier for the custom claims being added to the ID and access tokens. You can use a common claim type for all details, such as “Roles.” If you have a scenario where permissions change based on the API, you can use the Permissions feature in Auth0 to assign permissions to users. If you’re adding permissions, make sure to include the “audience” in your authorization parameter to receive the values in the token. Let me know if you have any questions.
Doc - Enable Role-Based Access Control for APIs
Thanks,