I have a REST API that uses JWT scopes created by a rule in Auth0. When I turn off that rule and use Permissions enabled by Roles, the permissions appear in the JWT, but neither my REST API nor my Angular front end can access Permissions.
Neither express-jwt-authz on the back end or this.auth0.parseHash((err, authResult) 's authResult contain a permissions array.
Is there a different library or parameter to access JWT permissions?