Hi @dan.woda,
I have followed the above and I can add the current user to a role.
Unfortunately the roles/permissions do not make it into the access token until they re-authenticate.
Is there anyway to refresh the token from within the rule in order to add/refresh the claims with the Issuer of “https://xxxx.eu.auth0.com/”?
This article also describes the same situation here: