Hi dan,
Thanks for the reply, I ended up storing permissions in the user.data field.
I hope you'd consider adding the "entity grants to permissions" of the client credential flow in the authorization code flow in a future release, entity fits many needs and may ease integration.
We appreciate FusionAuth is very flexible, you're doing a great job 👏