Hey there @o.d welcome to the community!
Can you help me better understand your specific use case here? Typically, roles are added to tokens by way of an Action. If you are looking to get a user’s roles server-side then you will want to request a Management API Access token for use against the Management API.
The more details you can provide about your use case the better 