Hey @dominic1 welcome to the community!
I’m not sure this is possible without requesting a new JWT - Perhaps you could look into using silent auth? You might also be able to work something into using a refresh token since it sounds like it would just require a new claim (as opposed to a new scope). FWIW, rules/actions will be run on the refresh token request as well.