diff --git a/argocd/manifests/authentik/configmap-blueprint.yaml b/argocd/manifests/authentik/configmap-blueprint.yaml
index 8be67b2..1a0e72b 100644
--- a/argocd/manifests/authentik/configmap-blueprint.yaml
+++ b/argocd/manifests/authentik/configmap-blueprint.yaml
@@ -20,20 +20,6 @@ data:
         attrs:
           name: admins
 
-      # groups scope mapping — returns user's group names in OIDC tokens
-      - model: authentik_providers_oauth2.scopemapping
-        id: groups-scope
-        identifiers:
-          scope_name: groups
-        attrs:
-          name: "OAuth Mapping: groups"
-          scope_name: groups
-          description: "Map user groups to OIDC groups claim"
-          expression: |
-            return {
-                "groups": [group.name for group in request.user.ak_groups.all()],
-            }
-
   grafana.yaml: |
     version: 1
     metadata:
@@ -63,7 +49,6 @@ data:
             - !Find [authentik_providers_oauth2.scopemapping, [scope_name, openid]]
             - !Find [authentik_providers_oauth2.scopemapping, [scope_name, email]]
             - !Find [authentik_providers_oauth2.scopemapping, [scope_name, profile]]
-            - !Find [authentik_providers_oauth2.scopemapping, [scope_name, groups]]
           sub_mode: hashed_user_id
           include_claims_in_id_token: true
 
@@ -120,7 +105,6 @@ data:
             - !Find [authentik_providers_oauth2.scopemapping, [scope_name, openid]]
             - !Find [authentik_providers_oauth2.scopemapping, [scope_name, email]]
             - !Find [authentik_providers_oauth2.scopemapping, [scope_name, profile]]
-            - !Find [authentik_providers_oauth2.scopemapping, [scope_name, groups]]
           sub_mode: hashed_user_id
           include_claims_in_id_token: true