Permission-Based Security for ASP.NET Web APIs

Hi @bilalhashmi,

Welcome to the Auth0 Community :wave:

It’s not easy to answer your question in a few words without knowing the specific context, and I’m afraid I don’t have a definitive answer. However, I can give you some high-level reasoning about authorization mechanics.

First, I think you should investigate why the number of permissions has grown so much.
Token-based authorization is appropriate when you have a well-defined set of permissions that don’t change dynamically. If your set of permissions is growing, maybe you need to think differently. Are these new permissions really needed? Can you represent them differently? Take a look at this question and the related answer to give you an idea of what I mean.

If your authorization needs are more complex than before, you may need to reorganize the information needed for making authorization decisions. Maybe you need to integrate information coming from the access token with information coming from other sources (e.g., a database).

Depending on your use-case complexity, it may be preferable to use different approaches like ABAC or FGA.

I know this is not a practical answer, but the appropriate solution depends on the specific scenario. For more detailed information, I suggest reaching out to professional services.
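
An added example, not part of the original reply and not Auth0's own code: one way an ASP.NET Core API can combine a coarse scope carried in the access token with fine-grained grants looked up elsewhere, so the token stays small as permissions grow. `DocumentAccessRequirement`, `IGrantStore`, `InMemoryGrantStore` and the sample grants are hypothetical names and constructed data; the in-memory store stands in for a database.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;

// Hypothetical requirement: a coarse scope from the token plus a per-resource action.
public sealed record DocumentAccessRequirement(string Scope, string Action) : IAuthorizationRequirement;

// Hypothetical lookup for grants that live outside the token (database, policy service).
public interface IGrantStore
{
    Task<bool> HasGrantAsync(string userId, string documentId, string action);
}

// Constructed in-memory stand-in so the example needs no database.
public sealed class InMemoryGrantStore : IGrantStore
{
    private readonly HashSet<(string, string, string)> _grants = new()
    {
        ("auth0|alice", "doc-1", "edit"),   // constructed sample data
        ("auth0|bob", "doc-1", "read"),
    };
    public Task<bool> HasGrantAsync(string userId, string documentId, string action) =>
        Task.FromResult(_grants.Contains((userId, documentId, action)));
}

// Resource-based handler: the resource is the document id passed to AuthorizeAsync.
public sealed class DocumentAccessHandler : AuthorizationHandler<DocumentAccessRequirement, string>
{
    private readonly IGrantStore _grants;
    public DocumentAccessHandler(IGrantStore grants) => _grants = grants;

    protected override async Task HandleRequirementAsync(
        AuthorizationHandlerContext context, DocumentAccessRequirement requirement, string documentId)
    {
        // 1. Coarse check from the access token: space-delimited "scope" claim.
        var scopes = context.User.FindFirst("scope")?.Value.Split(' ') ?? Array.Empty<string>();
        if (!scopes.Contains(requirement.Scope)) return;   // never calling Succeed means denied

        // 2. Fine-grained check from the external store, keyed by the token subject.
        var userId = (context.User.FindFirst(ClaimTypes.NameIdentifier)
                      ?? context.User.FindFirst("sub"))?.Value;
        if (userId is null) return;

        if (await _grants.HasGrantAsync(userId, documentId, requirement.Action))
            context.Succeed(requirement);
    }
}
```

Register the handler as an `IAuthorizationHandler` in dependency injection and call `IAuthorizationService.AuthorizeAsync(User, documentId, requirement)` from the controller action. The handler fails closed: a missing scope, missing subject or missing grant all leave the requirement unmet.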