Accessing Identity Provider groups in actions


I believe I’m asking something very similar to this: Add user attributes to idToken but I will lay out my current issue.

We’re using AzureAD as a connection, and the Azure Identity Provider populates a field called groups.

Looking at the Raw JSON, I get something like this:

    "created_at": "2022-01-12T03:12:55.402Z",
    "email": "",
    "email_verified": true,
    "family_name": "xyz",
    "given_name": "abc",
    "groups": [
        "Conference Rooms",

But within an action, I can’t seem to do something like:

const validGroups = [ "Security" ]; 
for (const vg in validGroups) {
  if (event.user.groups.includes(vg)) {            // Is the user in a valid group?
    hasValidGroup = true;                          // Grant access if in valid group

because the Actions interface tells me that event.user does not have an groups object.

The docs don’t seem to reflect how to access it either (Actions Triggers: post-login - Event Object), am I missing something here?


Any ideas on this issue?