How to access user specific resources in webapi when the access token does not include user info

I have implemented OpenId Connect for authorizing my multi tenant app, I have obtained both the Id Token and the access token. The access token does not contain any claims, but I would like to access user specific resources in the web api.

For example, in order for a user to access a certain resource, 1. They must be a tenant admin and 2, they must have permission for that resource (say a specific job post).

My questions.

Do I send the user permissions to the webapi in the request body/query and the webapi trust those permissions?
Should I use the access token to call the Identity Server to get the user information, then proceed if the user has the permissions?
Any other options?

Solution

Since I control the auth server, I included some claims for identifying the user in the access token.

GraphQL readiness for .net development
Why do I get a "Field is Required" error from my API even tough the query parameter is optional?
Confirm form resubmission - ASP.NET 5 MVC
IHttpActionResult returns result with brackets and escape slash , why is this happening
Server 500 error when Dto class name exists in two separate DtoModels folders
ODataController erroring after return
Paging in .NET Web API
Paging the huge data that is returned by the Web API
Swagger API not refreshing the documentation
Why is this API considered having ambiguous method/path combination when the names and routes are different?
Trouble with ActionResult in unit test can't Assert.Equal on POST return value (asp.net core mvc web api)
How to configure Swashbuckle to ignore property on model
ASP.Net Core Web API with Entity Framework is there any benefit to using stored procedures?
FastEndPoints swagger endpoint grouping name lower case issue
No type was found that matches the controller named 'help'
MemoryCache SetSize, does it limit cache entry size
Data annotations not recognized by Entity Framework Core in one ASP.NET project but work properly in another
Receive Text Message (SMS) in a .net API
How to get only Odata.Count without value
How should I pass multiple parameters to an ASP.Net Web API GET?
OnPost for Razor Page
Serilog format context property as top level property
Pass string array as data in jquery ajax to web api
Web API 2 return simple string without quotation mark when return type is IHttpActionResult
Dynamically change database connection depending on jwt claim
HTTPS disconnected - Kestrel
The 'Access-Control-Allow-Origin' header contains multiple values
Implementing Cache manager using Dot Net core
If I set AccessToken and RefreshToken both (JWT) as cookies by server, They both automatically will be sent to server in each request from client
HttpClient not supporting PostAsJsonAsync method C#