I have used this example to do the authentication via okta
In my okta portal, cannot see the option of Authorization server so have added null in configurationto get it working. The issue i am now getting is that I am not getting the groups assigned to the application. Is having the authorization server a must for the groupsto be retrieved or there is another way to get it. Just to add, i have added “groups” as well in the scope in the above example.
This is a blocker for me as we need to authorize based on the groups but not getting them.
If you are using the Okta authorization server (eg. issuer is set to https://dev-xxxyyy.okta.com instead of https://dev-xxxyyy.okta.com/oauth2/default), then, when both ID token and access token are requested (separately through response_type=token id_token or together through response_type=code), the ID token is automatically minified.
In this case, the custom defined claims, including “groups”, are available through a request to /userinfo endpoint as defined here.