hi @FishyFishPat there is a section in the docs that explains it, see here. so yes it is possible, and you need to do it by creating an user group and associate that with information of the users in your authorization server (using the authorizationServer.groupField as a claim, which default to "group")