Roles claim not returned with the Access Token when using OIDC

What is the name of the domain?

kvikk.hu

What is the issue you’re encountering?

Hi! I’m using Kinde.com as my auth provider and I set up the authentication method login method in Zero Trust using OpenID Connect. I want to create groups based on the user roles I set up in Kinde. They should be returned as an additional claim in the access token; however, after auth, I can only see the e-mail address being returned for some reason. Any ideas what might be the issue?

What steps have you taken to resolve the issue?

I tried adding “roles” to both OIDC Claims and OIDC Scopes, but it doesn’t seem to make any difference.

Screenshot of the error

If I add “roles” under OIDC scopes, it will say this when I test it:

{"error":"invalid_scope","error_description":"The requested scope is invalid, unknown, or malformed. The OAuth 2.0 Client is not allowed to request scope 'roles'."}