async function(user, context, callback) {
  const namespace = 'https://yournamespace/identity/claims';
  const map = require('array-map');
  const ManagementClient = require('auth0@2.17.0').ManagementClient;
  const management = new ManagementClient({
    token: auth0.accessToken,
    domain: auth0.domain
  });

  const params = { id: user.user_id, page: 0, per_page: 50, include_totals: true };
  const permissions = await management.getUserPermissions(params);
  const assignedPermissions = map(permissions.permissions, function (permission) {
    return permission.permission_name;
  });

  const assignedRoles = context.authorization ? context.authorization.roles : null;
  
  if (context.idToken) {
    const idTokenClaims = context.idToken;
    idTokenClaims[`${namespace}/roles`] = assignedRoles ? assignedRoles : ["Guest"];
    idTokenClaims[`${namespace}/permissions`] = assignedPermissions;
    context.idToken = idTokenClaims;
  }

  if (context.accessToken) {
    const accessTokenClaims = context.accessToken;
    accessTokenClaims[`${namespace}/roles`] =  assignedRoles ? assignedRoles : ["Guest"];
    accessTokenClaims[`${namespace}/permissions`] = assignedPermissions;
    context.accessToken = accessTokenClaims;
  }  

  callback(null, user, context);
}