Auth0 introduced the TOKEN_DIALECT which helps to populate the scope with the requested permissions as long as the user has the required permission or the associated role.
The rule isn’t necessary anymore to populate the scope unless the requirements are more complex and the out of the box behavior isn’t sufficient.