I don’t quite get what you mean by “AD Groups mapped to Okta Groups”. There are Okta groups which were created inside Okta itself and there are AD groups, Both of which can be seen in the admin console. Interestingly the AD groups are without a “X” besides them (so they can’t be deleted as expected).
But when I get the userinfo details back it sends only those groups created specifically inside Okta but not the AD groups the user belongs to,
How does one go about mapping AD groups to Okta Groups or better still get both sets of groups? This answer : How to get AD groups in id_token? seems to suggest that this is not possible unless one runs a custom authorization server (which our client doesn’t). Is that still true?