diff --git a/aleksis/core/settings.py b/aleksis/core/settings.py
index 788eccac4d92fc72f11a79a8b777179b6511aa5b..418b2b384bff96c0e2532328c7819a9c6451c259 100644
--- a/aleksis/core/settings.py
+++ b/aleksis/core/settings.py
@@ -351,6 +351,7 @@ if _settings.get("oauth2.oidc.enabled", False):
             "address": _("Full home postal address"),
             "email": _("Email address"),
             "phone": _("Home and mobile phone"),
+            "groups": _("Groups"),
         }
     )
 
diff --git a/aleksis/core/util/auth_helpers.py b/aleksis/core/util/auth_helpers.py
index ed7bced95ac2a83c32d2919ad484204448f71e6f..b74667914463407bab9e19b3b97017f3440b42f9 100644
--- a/aleksis/core/util/auth_helpers.py
+++ b/aleksis/core/util/auth_helpers.py
@@ -72,4 +72,8 @@ class CustomOAuth2Validator(OAuth2Validator):
                 "postal_code": request.user.person.postal_code,
             }
 
+        if "groups" in request.scopes and has_person(request.user):
+            for group in request.user.person.groups.all():
+                claims["groups"].append(group.name)
+
         return claims