Set permissions for users to only access URLs with specific query string parameters

I’m working in a Python/Flask App. I’m VERY new to Auth0.
I’m trying to figure out how to assign roles and permissions so that a user can only access URLs that contain a specific query parameter. For example, I have a URL that looks like this:
I would like to set a permission for a user so that they can only access URLs that contain the “SHA-001” query parameter.
I have a callback for /agencydashboard that reads the query parameters and directs accordingly. We will have about 350 of these “agencies” so making a custom callback for each one is not preferable.