This thread basically answers the questions surrounding multiple access tokens from the ID provider.
Not the answer I was looking for, but at least I have learned that Auth0’s role is limited to caching IDP access token used for authentication and the recommendation is create additional tokens with different scopes for other purposes.