Claims, Roles, Permissions


Looking for a way to implement the following. I want to create a MicroService for Authentication. I read how to do it with SS so I think that isn’t a problem.
But I am struggling with how to implement my roles/permissions and get that into claims (of AuthSession).
I am building something where a user gets access to one or more Stores. So the role is StoreManager, permission can be Read/Write, etc. But I really need to lock down the access to one or more stores. So I would need to add the Guid of the Store as well in the security model. I thought (with JWT) I could add a claim “StoreId” with value “Store1” and another claim “StoreId” with value “Store2”. But I am not sure whether this is something that can be done within the current Auth setup of SS.
Any guidance appreciated.

A User Session's Roles and Permissions are automatically embedded in JWT Tokens and populated on the Session, but for anything new you’ll need to use CreatePayloadFilter to modify the JWT Token and PopulateSessionFilter to extract it from the JWT Token and populate the User's Session.
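
The two filters named in the answer, wired up for the per-store case from the question. This is an added example, not code from the thread or from ServiceStack. `StoreUserSession`, `StoreIds`, the `stores` claim name and `AssertStoreAccess` are hypothetical names, and it assumes `StoreIds` is filled in at login. The ids travel as one comma-joined claim because a JSON payload cannot repeat the `StoreId` key.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using ServiceStack;
using ServiceStack.Auth;
using ServiceStack.Configuration;

// Hypothetical custom session carrying the stores a user may access.
public class StoreUserSession : AuthUserSession
{
    public List<Guid> StoreIds { get; set; } = new List<Guid>();
}

public static class StoreAuth
{
    const string StoresClaim = "stores"; // assumed claim name

    public static AuthFeature Create(IAppSettings appSettings) =>
        new AuthFeature(() => new StoreUserSession(), new IAuthProvider[] {
            new JwtAuthProvider(appSettings) {
                // Runs when the token is issued: copy the store ids into the payload.
                CreatePayloadFilter = (payload, session) => {
                    var stores = (session as StoreUserSession)?.StoreIds ?? new List<Guid>();
                    payload[StoresClaim] = string.Join(",", stores.Select(id => id.ToString("D")));
                },
                // Runs for each request that carries a token: rebuild the list.
                PopulateSessionFilter = (session, payload, req) => {
                    if (!(session is StoreUserSession s)) return;
                    s.StoreIds = new List<Guid>();
                    if (!payload.TryGetValue(StoresClaim, out var raw) || string.IsNullOrEmpty(raw)) return;
                    foreach (var part in raw.Split(','))
                        if (Guid.TryParse(part, out var id)) s.StoreIds.Add(id); // skip malformed ids
                }
            }
        });

    // Call from every store-scoped service before touching store data (deny by default).
    public static void AssertStoreAccess(IAuthSession session, Guid storeId)
    {
        var stores = (session as StoreUserSession)?.StoreIds;
        if (stores == null || !stores.Contains(storeId))
            throw HttpError.Forbidden("No access to this store");
    }
}
```

The store list is fixed when the token is issued, so removing a user's access to a store only takes effect once the existing token expires or a new one is issued.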