How to handle federated idp roles

Hi
I’m federating Auth0 to an external IDP (Oracle IDCS) using OIDC Auth Code Flow.
I’d like to get the external IDP to send back a set of well-known but custom roles (eg. Web-Application-User) which I’d like to use in Auth0. The aim here is to use the externally defined roles as a factor in determining authorisation levels in upstream services using something like OPA.
Ideally, I’d like to get access to those roles from the /userinfo method.
If I manually create roles in Auth0, that gets returned in /userinfo but am unable to get the IDCS roles passed into Auth0 from the IDP.
Could someone tell me if I have the right approach?
Regards