diff --git a/src/main/java/at/ac/uibk/gitsearch/security/oauth2/SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport.java b/src/main/java/at/ac/uibk/gitsearch/security/oauth2/SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport.java
index 5debd577b28b2ba58f74c092e94118704c29f781..132173a8324dafcbfeb1df2781bf602b6c405407 100644
--- a/src/main/java/at/ac/uibk/gitsearch/security/oauth2/SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport.java
+++ b/src/main/java/at/ac/uibk/gitsearch/security/oauth2/SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport.java
@@ -2,7 +2,9 @@ package at.ac.uibk.gitsearch.security.oauth2;
 
 import java.io.IOException;
 import java.security.Principal;
+import java.util.ArrayList;
 import java.util.Collection;
+import java.util.List;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.Cookie;
@@ -11,6 +13,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
@@ -41,8 +44,14 @@ public class SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport extends
 		if (authentication instanceof OAuth2AuthenticationToken) {
 			OAuth2AuthenticationToken oAuthA = (OAuth2AuthenticationToken) authentication;
 			String mail = ((OidcUser) ((OAuth2AuthenticationToken) authentication).getPrincipal()).getEmail();
+			List<String> gitLabGroups = (List<String>) ((OidcUser) ((OAuth2AuthenticationToken) authentication).getPrincipal()).getClaims().get("groups");
 			String idToken = oAuthA.getPrincipal().getAttribute("idToken");
-			authenticationForToken = new SimpleAuthentication(new SimplePrincipal(mail), authentication.getAuthorities());
+			List<GrantedAuthority> roles = new ArrayList<>();
+			roles.addAll(authentication.getAuthorities());
+			for(String gitLabGroup: gitLabGroups) {
+				roles.add(new SimpleGrantedAuthority(gitLabGroup));
+			}
+			authenticationForToken = new SimpleAuthentication(new SimplePrincipal(mail), roles);
 			authenticationForToken.setAuthenticated(authentication.isAuthenticated());
 		}
 		String token = tokenProvider.createToken(authenticationForToken, REQUEST_TOKEN_LIVETIME *1000L); // 200 secs (for Debugging)