Roles and Permissions without having an API

I’m developing an application using Go + HTMX and I’d like to establish a pattern for roles and permissions that I’ll associate with users in the future. I’ll use these roles/permissions to determine which endpoints the user can access and also which components I should render in HTMX. However, when associating permissions with roles, I’m prompted to link permissions to a specific API, and since I only have one application, the “Regular App,” I’m unsure of the best approach. Should I create an API solely for linking permissions?

Note: I’d like to keep this data in Auth0 so I can centralize all authentication and authorization aspects there.