This way, in my app I can display appropriate UI based on the role the user has, which is great.
The problem is that once I add/delete a role to the user, they have to sign out and sign in again to regenerate a new access token so that the UI gets updated.
Is there a way to detect changes to the data added using rules and, based on that, sign the user out or regenerate a new access token?
Generally, when updating a user before they log in, the user profile information should reflect correctly after the login transaction is complete. This is expected when decoding the access token of the user.
On the contrary, when updating a user post login, the user profile information will not reflect the newly updated information since the decoded token holds information up until the login transaction.
As you observed, you will need to refresh the access tokens to read the newly updated user profile details.
There are a couple of options.
Configure Silent Authentication to leverage the use of refresh tokens in getting a new access token without prompting the user for credentials again or having them log out and log in again.
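One way to pick up a role change once a fresh access token has been obtained, as an added example that is not part of the original thread: decode the old and new tokens and diff their role claims to decide whether the UI needs to re-render. The claim name `https://example.com/roles`, every function name, and the sample tokens are assumptions constructed for illustration.

```javascript
// Added example: ROLES_CLAIM and all helper names are hypothetical, not from the thread.
const ROLES_CLAIM = "https://example.com/roles"; // assumed namespaced claim set by the rule

// Decode a JWT payload WITHOUT verifying it. Good enough to drive UI only;
// the API must still validate the signature and enforce roles server-side.
function decodePayload(jwt) {
  const parts = String(jwt).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Roles as a sorted, de-duplicated list; a missing or malformed claim means no roles.
function rolesOf(jwt) {
  const roles = decodePayload(jwt)[ROLES_CLAIM];
  return Array.isArray(roles) ? [...new Set(roles)].sort() : [];
}

// Compare the roles in the token the UI was rendered from with a fresh one.
function diffRoles(oldToken, newToken) {
  const before = rolesOf(oldToken);
  const after = rolesOf(newToken);
  const added = after.filter((r) => !before.includes(r));
  const removed = before.filter((r) => !after.includes(r));
  return { roles: after, added, removed, changed: added.length + removed.length > 0 };
}

// fetchFreshToken is whatever async call performs the silent token refresh
// (bypassing any cached token); it is injected so this logic stays SDK-agnostic.
async function refreshAndDiff(currentToken, fetchFreshToken) {
  const fresh = await fetchFreshToken();
  return { token: fresh, ...diffRoles(currentToken, fresh) };
}

// Constructed, unsigned sample token for demonstration only.
function makeSampleToken(roles) {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "none" })}.${enc({ sub: "user|1", [ROLES_CLAIM]: roles })}.sig`;
}
```

Call `refreshAndDiff` on a timer or when the tab regains focus, and re-render the role-dependent UI only when `changed` is true.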