Authentik Group Mapping to Nextcloud via SAML Not Working (Groups Attribute Empty)

Hi all,

I'm working on passing user group information from Authentik to Nextcloud using SAML, but I'm having trouble with the group mapping. Here's what I've done so far:

1. I've created a new SAML Provider Property Mapping policy in Authentik.
2. The SAML Attribute Name is set to groups.
3. I used the following expression to map the user groups: return { "groups": [group.name for group in user.groups.all()] }
4. I tested it using Test Property Mapping in Authentik (with a selected user and a created group), and the result I get is { "groups": [] }.
5. In Nextcloud SSO/SAML Authorization, I assigned the groups attribute where the groups should be mapped.

When I log into Nextcloud, I see that the user groups section still shows { "groups": [] }. This tells me that the communication between Authentik and Nextcloud is working, but for some reason, Authentik isn't fetching the user's group information correctly.

Does anyone have experience with this kind of issue? Could it be that Authentik isn't properly querying the user's groups? Any suggestions would be greatly appreciated!

Thanks in advance!