How to return groups in the SAML assertion Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Gus MavromoustakosGus Mavromoustakos 

How to return groups in the SAML assertion

Hello I was originally writing a question to ask how to add groups to the SAML assertion payload. After a few hours of banging my head I took it to stack overflow and was able to find the answer there: .

This is more FYI that the documentation is hard to navigate and the answers that exist are very vague for example:

Valeriu HudeaValeriu Hudea (Okta, Inc.)
Hey Gus, 

Good day.
The stack article sums up how to scope a group from the Apps SAML Group Attribute Statements , the example provided is to scope out groups containing the Admin value , the response you will get with the assertion , you could scope other group attributes as well ex. roles , If your org supports a large number of groups, use this option to filter them into a single SAML assertion. Filtering options include Starts With, Equals, Contains, and Regex expressions. Our expression language may offer more information on statements and custom mappings if there is a more complex attribute implementation: 
We have diferent sources for documentation, some may indeed need an update and recent atention, by expanding the search you will get the answer. 
Wish you a wonderful day. 

Best Regards
Dylann FezeuDylann Fezeu (Customer First Programs)

Thanks for posting your inquiry in Okta Community Portal.

​If you receive a great answer to your question(s), please help readers find it by marking it the best answer. Hover over the answer and click "Best Answer." 

Thank you,

​Dylann Fezeu
Okta Help Center Team