Any examples of how to set up role-based authorization with Blazor WASM and ASP.NET Core API?

I keep running into walls trying to set up Okta with Blazor WASM and ASP.NET Core API. I just started with Okta and I am by no means an expert at identity. I’ve Googled for hours and I cannot find a comprehensive example of how to set this up. I have the authentication and the token validation working, but how do I add roles? I’ve tried mapping Groups to roles per the instructions in a 2-year old YouTube video by the dude with long gray hair, but that didn’t work. I thought Okta is supposed to make this easy!
Lost and frustrated. Please help.

let us know if the official Microsoft docs on this help

Thanks.
The problem I’m having now I’m not getting the “groups” claim in the payload. It doesn’t show up in the Token Preview. I understand I need to map groups to roles in ASP.NET identity. But I can’t get the claim.

If I can get the groups claim then I can take it from there.

@davewevans72 please change your filter from Starts with to Matches regex and set that to .* to get all groups.