Thanks for sharing @kcwardwell !
@kl.auth This is correct - Assuming you RBAC enabled for the API and have toggled on the option to “Add Permissions in the Access Token” you should see them in your Access Token. Note that the ID Token will still only have the "namespace/roles": ["role"]