diff --git a/aleksis/core/settings.py b/aleksis/core/settings.py
index fbd436ae1d69c3d705a9a3ec9896538974f02eb6..3c8f46e5f09449587fb040e916918f80864c7658 100644
--- a/aleksis/core/settings.py
+++ b/aleksis/core/settings.py
@@ -345,6 +345,7 @@ if _settings.get("oauth2.oidc.enabled", False):
 "address": _("Full home postal address"),
 "email": _("Email address"),
 "phone": _("Home and mobile phone"),
+ "groups": _("Groups"),
 }
 )
diff --git a/aleksis/core/util/auth_helpers.py b/aleksis/core/util/auth_helpers.py
index 8caea1659fd821f10229e5339adffd5a56659c99..245c233aac6fa117a5f3791d5a004736583b12e6 100644
--- a/aleksis/core/util/auth_helpers.py
+++ b/aleksis/core/util/auth_helpers.py
@@ -77,6 +77,10 @@ class CustomOAuth2Validator(OAuth2Validator):
 "postal_code": request.user.person.postal_code,
 }
+ if "groups" in request.scopes and has_person(request.user):
+ for group in request.user.person.groups.all():
+ claims["groups"].append(group.name)
+
 return claims
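Review bot: In settings.py the consent text `_("Groups")` does not say what is disclosed, unlike the neighbouring entries ("Full home postal address", "Home and mobile phone"). The second hunk of this commit releases the name of every group returned by `person.groups.all()` under this scope, so a label such as `"groups": _("Names of the groups you belong to")` would tell the user what they are authorising. The dictionary and the enclosing `if` start outside the hunk.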
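Review bot: In auth_helpers.py, `claims["groups"].append(group.name)` appends to a key that nothing in this hunk creates. Unless `claims` is a defaultdict or the key is set earlier in the method (which starts outside the hunk), the first group raises KeyError and the claims call fails for every client that requests the scope. A single assignment avoids that and also gives an empty list for a person without groups: `claims["groups"] = [group.name for group in request.user.person.groups.all()]`. Group names are released unfiltered to any client granted the scope and can be sensitive in themselves, so a short comment above the block saying so would help the next reader decide whether filtering is needed.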