Okta OIDC and AWS Cognito

We are using Okta OIDC along with AWS Cognito.
If i test the Okta OIDC flow by itself (without Cognito), all works good - i have configured the access token to return the groups the user belongs to.

However, in Cognito, i have setup custom attribute groups, and i am trying to setup the OIDC attributes mapping for them to appear in the Cognito profile, but they are not appearing.

Any idea what am i missing?
Best Regards and Thanks a lot in advance!

Where is Cognito expecting to receive these attributes from the IdP? From the ID Token? The Access Token? The Userinfo endpoint?

Ideally we would want to have these attributes as part of the access token - but i am not sure if this is possible.
As a starting point i would want them to appear in the Users Profile, but they are not appearing.

When Cognito requests tokens for the user, is it configured to use a Custom Authorization Server (e.g. issuer = https://oktadomain/oauth2/default/v1/authorize OR https://oktaDomain/oauth2/aus1234567890/v1/authorize) or is it using the Org Authorization Server (e.g. https://oktaDomain/oauth2/v1/authorize)?