From 6e9932b679df8cd72cbb0a975b4e940adca71f1b Mon Sep 17 00:00:00 2001
From: shuuri-labs <61762328+shuuri-labs@users.noreply.github.com>
Date: Mon, 19 Jan 2026 16:55:09 +0100
Subject: [PATCH] Add clarification to jwt group sync docs that groups with
 same name in netbird will not be synced (#561)

---
 src/pages/selfhosted/identity-providers/index.mdx | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/pages/selfhosted/identity-providers/index.mdx b/src/pages/selfhosted/identity-providers/index.mdx
index c8f8608d..2e0fa931 100644
--- a/src/pages/selfhosted/identity-providers/index.mdx
+++ b/src/pages/selfhosted/identity-providers/index.mdx
@@ -169,6 +169,10 @@ Your IdP may require specific configuration in order to pass a groups claim to N
 - [Authentik](/selfhosted/identity-providers/authentik#configuring-jwt-groups-claim)
 - [Keycloak](/selfhosted/identity-providers/keycloak#configuring-jwt-groups-claim)
 
+<Note> 
+Groups with matching names in NetBird and your IdP will **not** sync. To import a group from your IdP, first delete the existing group with that name in NetBird.
+</Note>
+
 #### SCIM 
 NetBird supports provisioning users and groups through SCIM. However, this functionality is not available in the open source Community Edition. It is offered only in the cloud-managed version of NetBird or through a [Commercial License](https://netbird.io/pricing#on-prem) for enterprise self-hosted deployments.