Hi @gavin3466,
Thanks for reaching out to the Auth0 Community!
Yes! Your proposed approach will work and will be a secure way to handle authorization.
Here is a helpful FAQ resource I recommend reading: Adding custom claims to tokens
Please let me know if you have any additional questions.
Thanks,
Rueben