Following up on this subject @noob 
You are unable to do this by default when requesting the profile scope in an authorize request since profile is a standard claim/scope.
However you can accomplish this another way by using Rules, check if profile scope is requested, and add groups as custom claim to the token.
Please let me know if you have any questions!