I have SSO between Salesforce and Azure AD using Salesforce App available in Azure. I'm also using provisioning to create the users in Salesforce. Everything works fine, but I need another field to pass to Salesforce: The Application Groups that the user belongs. It is possible to add a field to the User in Azure AD with this information and mapping it in Provisioning -> Attribute Mapping ? Let's say something similar with SingleAppRoleAssignment([appRoleAssignments]), but with all the groups that the user belong regarding only this particular Application.
For user provisioning I have created several groups in the app. For each group I assign a role(profile in Salesforce). Then I assign users to the specific groups. The provisioning start and I also want to send the group(s) that the user is member.