Your article says " Remember how we setup a groups property-mapper when deploying authentik? "
I don’t see this step in the deploying authentik article. I tried adding a groups Scope mapping in authentik with the expression return user.groups, but i’m not getting the groups in the token.
It appears that group should come back automatically as part of authentik default OAuth Mapping: OpenID 'profile', as it’s expression contains. "groups": [group.name for group in request.user.ak_groups.all()],. but it is not.
I’ve also tried appending --exec-arg=--oidc-extra-scope=groups to the kubectl config set-credentials oidc with no luck.
Any ideas?
Thanks!