Groups are not returned when using OIN app

Dileep · March 16, 2026, 4:02am

If we use non-OIN app and follow instructions to customize token claims (SignOn tab → OpendID Connect ID Token → groups claim type), I see that groups are returned by Okta when authorization request contains “groups” scope.

We recently published an OIN app template to simplify configuration. This template does not allow us to tweak ID token claims to send groups. However, we were hoping that groups will at least be sent in /userinfo when “groups” scope is passed in the authorization request.

Is it possible to receive groups from Okta when using app template? Does it require additional configuration? Without the ability to receive groups, app template does not make sense for our customers.

vk-giri · March 17, 2026, 3:56am

Hi,

Currently, group claims are not supported in OIN apps.

Dileep · March 17, 2026, 4:39am

Is this part of the roadmap at some point?

We were hoping to use template to simplify integration. However, lack of groups will render it unusable since customers can get groups with custom/non-OIN app.

vk-giri · March 17, 2026, 4:46am

Not in the near future. But I will share the feedback with our team to get the feature under consideration.

Post		Replies	Views
Get user's groups in OIN OIDC application Questions	2	2274	February 12, 2024
UserInfo not returning groups OAuth/OIDC	4	1083	February 7, 2025
How to get Application Groups instead of User Groups in my token? OAuth/OIDC api	14	12500	February 14, 2020
No 'groups' scope in the console for the default Authorisation Server Questions	9	10867	June 8, 2021
Return user groups in OIDC access token (Auth0) OAuth/OIDC	8	4965	January 17, 2023

Groups are not returned when using OIN app

Related topics