diff --git a/roles/keycloak/templates/keycloak-realm-create-client.json.j2 b/roles/keycloak/templates/keycloak-realm-create-client.json.j2
index b815645..8ce27a8 100644
--- a/roles/keycloak/templates/keycloak-realm-create-client.json.j2
+++ b/roles/keycloak/templates/keycloak-realm-create-client.json.j2
@@ -50,6 +50,19 @@
         "access.token.claim": "true",
         "userinfo.token.claim": "true"
       }
+    },
+    {
+      "name": "groups",
+      "protocol": "openid-connect",
+      "protocolMapper": "oidc-group-membership-mapper",
+      "consentRequired": false,
+      "config": {
+        "full.path": "true",
+        "id.token.claim": "true",
+        "access.token.claim": "true",
+        "claim.name": "groups",
+        "userinfo.token.claim": "true"
+      }
     }
   ],
   "publicClient": false,