Groups in Access/ID Token

We currently have an Angular application that’s using the Okta hosted login page but are not receiving back the groups in either of the tokens that are being stored in Local Storage. The Authorization Server has been configured to include custom claims including the groups and the token preview shows the response with the groups included but when we attempt to login, we’re not receiving them. Any ideas why this might be happening?

Hi @mchung1128! Are you using the Okta Org or Custom Authorization Server? Are you also implementing Authorization Code Flow? With this flow you will need to retrieve the groups from the /userinfo endpoint per Okta Help Center (Lightning).

Hi @sigama, yes I read that article and tried to setup the “Default” Authorization Server to get the Groups back in the ID Token but that did not seem to work. Am I misunderstanding though in that I don’t have a choice but to make a second call to that /userinfo endpoint to get the groups? There’s no way to login and simply have the ID Token WITH the groups included returned? We’re using the okta-auth-js package which is setting various values in Local Storage but, like I mentioned previously, we’re not getting the ID Token with the groups included back.

This is resolved now. We were using the default issuer on our frontend as was laid out in the example docs but we needed to use our custom authorization server as the issuer instead.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.