Hi,
I am using okta-react package and trying to get Group claims in the id_token.
When I use implicit flow and specify response type: id_token then I can see group claims in the id_token
However if I enable pkce, then response type is forced to the: code and group claims are missing in id_token…
Is it possible to have group claims in id_token when using pkce?
PKCE is indeed only supported for the authorization code flow.
A few things to check. Make sure you have a groups claims and that it is included in id tokens
https://gyazo.com/d69e5b79bbd3036b8ae2100c457fdcea security -> api -> click on your authorization server -> claims
Also check your access policies for your authorization server. When I use my token preview it returns the claims for me.
https://gyazo.com/989ae4e624c7ad024ce54b7a7b4fc33b
In your app you also need to configure a group claim - https://gyazo.com/e1475ee1af075ec676f2747b449a2640
I have group claim configured and it is working when I use implicit flow, the id token shows groups properly.
I do not have Group claims added to auth server - but once again, for implicit flow it is working without it. Preview token does not shows groups because groups are injected by application and not auth server.