How can I use permissions in my custom authorizer?

I’ve got RBAC turned on for my Auth0 API. It is returning JWTs with users’ permissions.

How should I properly use those permissions when authorizing a user with an AWS Lambda custom authorizer? I’d like certain API Gateway endpoints to require specific permissions, but I’m not sure how to do this without creating a separate authorizer for each permission-type I have in my application - this could cause me to create too many authorizers with almost identical code.

For example, I’ve got this endpoint:
galleries/create

I’d like to only allow users with the following permission to be allowed to use this endpoint:
create:galleries

Thanks!

I would also like to know if anyone has a good example of this type of functionality.
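
An added example (not part of the original posts, and not Auth0's or AWS's own code): one authorizer can serve every endpoint by looking up the permission each route requires and returning a single policy that covers all routes the token's permissions allow. The route table, the POST method for galleries/create, the GET /galleries route and the sample ARN are assumptions; the claims are assumed to come from an access token whose signature, issuer, audience and expiry were already verified.

```javascript
// Hypothetical route table: "METHOD /resource/path" -> permission required.
// Only galleries/create and create:galleries come from the question;
// the HTTP methods and the second route are assumptions.
const ROUTE_PERMISSIONS = new Map([
  ['POST /galleries/create', 'create:galleries'],
  ['GET /galleries', 'read:galleries'],
]);

// methodArn: arn:aws:execute-api:{region}:{account}:{apiId}/{stage}/{METHOD}/{path}
function parseMethodArn(methodArn) {
  const parts = methodArn.split(':');
  const [apiId, stage] = parts[5].split('/');
  return { apiArn: `${parts.slice(0, 5).join(':')}:${apiId}`, stage };
}

// claims: payload of an ALREADY VERIFIED access token (assumption).
// With RBAC enabled, the token carries a `permissions` array.
function authorize(claims, methodArn) {
  const { apiArn, stage } = parseMethodArn(methodArn);
  const granted = new Set(
    Array.isArray(claims.permissions) ? claims.permissions : []
  );

  // Collect every route this token may invoke, not just the one requested.
  const allowed = [];
  for (const [route, permission] of ROUTE_PERMISSIONS) {
    const [method, path] = route.split(' ');
    if (granted.has(permission)) {
      allowed.push(`${apiArn}/${stage}/${method}${path}`);
    }
  }

  // Fail closed: routes missing from the table get no Allow statement,
  // and a token with no usable permission gets an explicit Deny.
  const statement = allowed.length > 0
    ? { Action: 'execute-api:Invoke', Effect: 'Allow', Resource: allowed }
    : { Action: 'execute-api:Invoke', Effect: 'Deny',
        Resource: `${apiArn}/${stage}/*/*` };

  return {
    principalId: claims.sub || 'unknown',
    policyDocument: { Version: '2012-10-17', Statement: [statement] },
  };
}

// In the Lambda handler (verifyToken is a hypothetical helper):
//   const claims = await verifyToken(event.authorizationToken);
//   return authorize(claims, event.methodArn);
```

Because the policy lists every route the token may call rather than only the requested one, it stays correct when API Gateway caches the authorizer result and reuses it for other endpoints.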