Adding RBAC Permissions to Access Tokens

APISessions
Sep 10, 2025
Overview
This article details how to include permissions assigned to users via RBAC in the access token.
Applies To
  • Role-based access control (RBAC)
  • Access Token
Solution
There is a built-in setting that can be used, which, if enabled, will add permissions to the access token.

Enable it via the following steps:
  1. Navigate to the dashboard.
  2. Go to Applications > APIs.
  3. Select the desired API.
  4. Under the Settings tab scroll down to the RBAC Settings section.
  5. Enable the Add Permissions in the Access Token toggle.
Once enabled, an array of the user's permissions will be present in the permissions claim of the access token.

Recommended content

No recommended content found...
Need more help? Visit the Community
Visit the Auth0 Community