Yes, that is correct. The Role Based Redirects work on free plan, but custom JWT secret requires a higher plan.