Multiple clients and different access levels in machine to machine API


I have one .NET 6 API Application which can be consumed by multiple clients/customers/companies. I have created an API and application in auth0 portal and could successfully test authorized endpoint by obtaining the token and access to authorized endpoint. Now, I have to achieve the following scenario:

Client 1
Client 2

GetProducts action in Products controller. Client 1 Can access, Client 2 cannot.
I want to have possibility to define what each client can or cannot do in my API on each controller/action.

How to achieve that?