Getting group claims for PKCE oauth2 flows


I am using okta-react package and trying to get Group claims in the id_token.
When I use implicit flow and specify response type: id_token then I can see group claims in the id_token

However if I enable pkce, then response type is forced to the: code and group claims are missing in id_token…

Is it possible to have group claims in id_token when using pkce?

PKCE is indeed only supported for the authorization code flow.

A few things to check. Make sure you have a groups claims and that it is included in id tokens security -> api -> click on your authorization server -> claims

Also check your access policies for your authorization server. When I use my token preview it returns the claims for me.

In your app you also need to configure a group claim -

I have group claim configured and it is working when I use implicit flow, the id token shows groups properly.

I do not have Group claims added to auth server - but once again, for implicit flow it is working without it. Preview token does not shows groups because groups are injected by application and not auth server.