I’m following the guide “Add a Groups claim for the Org Authorization Server”. I’ve followed the instructions, but I don’t see a “groups” attribute in my Token Preview. I think I might be mixed up in the groups / scopes configuration.
Here’s what I’ve done so far.
In the Directory, created a group
Added the user to the group
Added the app to the group
In the API, added a scope called “groups”
In the app, set a Filter to “groups” regex match .*
Form a Token Preview with the scope “openid” and “groups”.
I get a token back, but it doesn’t have the groups.
I’ve also moved to an Authorization Server that I created (“custom”) rather than default. I’ve been working with the groups claim. I’m currently using this setting
getFilteredGroups as getFilteredGroups({“XXX”}, “group.name”, 100)
I scraped the XXX from the HTML. It’s an ID of the same form as in the docs.
I’m faring better today. It looks like my problem was with a poorly-formed Claim. I was trying to enter a filter expression and simply had to switch over to a value type of 'groups". Then, I used a loose regex (.*) and all my groups appear at the toplevel of the token.