From b4da1bccc7f961200b8fe8551e4b286d1d5d5a9f Mon Sep 17 00:00:00 2001
From: Alex Collins <alexec@users.noreply.github.com>
Date: Wed, 8 Jul 2020 12:24:44 -0700
Subject: [PATCH] fix(sso): Remove unused `groups` claim. Fixes #3411 (#3427)

---
 server/auth/sso/sso.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/server/auth/sso/sso.go b/server/auth/sso/sso.go
index 39e83cb353f8..81e6a3967b19 100644
--- a/server/auth/sso/sso.go
+++ b/server/auth/sso/sso.go
@@ -20,7 +20,6 @@ import (
 const Prefix = "Bearer id_token:"
 
 type claims struct {
-	Groups []string `json:"groups"`
 }
 
 type Interface interface {
@@ -115,7 +114,7 @@ func newSso(
 		ClientSecret: string(clientSecret),
 		RedirectURL:  c.RedirectURL,
 		Endpoint:     provider.Endpoint(),
-		Scopes:       []string{oidc.ScopeOpenID, "groups"},
+		Scopes:       []string{oidc.ScopeOpenID},
 	}
 	idTokenVerifier := provider.Verifier(&oidc.Config{ClientID: config.ClientID})
 	log.WithFields(log.Fields{"redirectUrl": config.RedirectURL, "issuer": c.Issuer, "clientId": c.ClientID}).Info("SSO configuration")