OpenID id token contents and group memberships
Hello. I've searched for hours now and can't get the grasp on how to use OpenID scope with GitLab. I want to use

> The ability to authenticate using GitLab, and read-only access to the user's profile information and group memberships

...so I registered an application checking "openid Authenticate using OpenID Connect".

When I authenticate I get an `id_token` (a JWT token) that should contain the data on groups etc. but it only contains:

```json
{
  "iss": " ... URL of our GitLab instance ... ",
  "sub": "eab34251b705267400f70c71db44c145fa02cb574ea6eafa699e95ef5b08d097",
  "aud": "f59ef94c260a37bc50b088d3633a566f87741cf2141d9bde5197bc8d1780baa0",
  "exp": 1522226221,
  "iat": 1522226101,
  "auth_time": 1522221229
}
```

However, I also get an `access_token` (of type bearer); if I try using that token to GET `/api/v4/user`, the token does not have sufficient privileges:

```json
{
  "error": "insufficient_scope",
  "error_description": "The request requires higher privileges than provided by the access token.",
  "scope": "read_user api"
}
```

:question: So, **how do I get the list of user's groups and memberships** :question:

If I ask for "read_user" scope and try to GET `/api/v4/user`, I get the identity correctly (but no group memberships). What am I missing?
issue