After OTK is installed, OTK related assertions are available in Policy Manager, such as OTK Require OAuth2.0 Token.
When a user has a role with permission of type "Assertion" ALL, why cannot he/she see these OTK related assertions at all?
OTK related assertions are not native one but encapsulated assertions. Hence, the permission of Assertion ALL cannot list such assertions.
You need to add permission of type “Encapsulated assertions” ALL instead.