OIDC custom mapping as an Array instead of a String

I have an OIDC Enterprise connection with Okta. When I use the default bindall mapping_mode, groups values get mapped to the user as an Array of strings, which is what I would expect.

When I use usemap mapping_mode and try to map the groups values to a non-restricted claim, the values get mapped as one String of comma separated values eg: “group1, group2, group3”

The mapping I’m using is:

“federated_groups”: “${context.userinfo.groups}”

As per the docs: Configure PKCE and Claim Mapping for OIDC Connections

Is there a way to configure the mapping so that I can get a list of group values mapped to the federated_groups attribute, instea dof a single string of comma separated values? Is this a limitation on the custom mappings?


I have the same question as above. Any insights on this?

Exactly same question.
I suspect bind_all is converting the comma delimited group string into an array. It would be handy if I could continue to use that, but still be able to map my custom fields.

Also, I am getting my groups in the tokenset object rather than userinfo (using Azure AD)
“federated_groups”: “${context.tokenset.groups}”,