No.
This example describes a method to do what you are after
The JWT from the extension is passed to the EBS
The EBS generates an App Access Token/Client Credentials token
And uses the UserID from the JWT + the App Access Token to lookup the user on the API.
TLDR: you need an EBS
You mis intrepreted what I wrote on the thread you necro’ed
Use of kraken would likely result in a deny, because it’s use is deprecated.
And you can’t call helix without an access token that you can’t generate in an extension front end to use with the API