diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 9b4d1e3c37a041286e2b1d2a977c8bf2c76c1612..5d2a6df40d1ffb32c18c8549dac0ad10ab46952c 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -3,7 +3,7 @@ image: docker:19.03.1
 variables:
   DOCKER_TLS_CERTDIR: "/certs"
   IMAGE_TAG: $CI_REGISTRY_IMAGE
-  IMAGE_VER: 1.7.0
+  IMAGE_VER: 1.8.0
 
 services:
   - docker:19.03.1-dind
diff --git a/lib/CF/Helpers/Auth.pm b/lib/CF/Helpers/Auth.pm
index fe004ae28cd7180e9871b0548c8a98af9ae08a28..df369d557d8a2169ecfb48985399d83cf0199e62 100644
--- a/lib/CF/Helpers/Auth.pm
+++ b/lib/CF/Helpers/Auth.pm
@@ -94,9 +94,23 @@ sub register ( $class, $self, $conf) {
             @roles = split /\W+/, $c->req->headers('X-Roles');
         }
         elsif ( my $claims = $c->oauth_claims ) {
-            @roles = @{ $claims->{roles} // [] };
+
+            if ( $c->cfg->{groups_to_roles_map} ) {
+                GROUP:
+                foreach my $group ( sort @{ $claims->{groups} } ) {
+                    if ($c->cfg->{groups_to_roles_map} =~ /$group=(\w+)/x) {
+                        push @roles, $1;
+                    }
+                }
+            }
+            else {
+                @roles = @{ $claims->{roles} // [] };
+            }
+
         }
 
+$c->trace(join '=', @roles);
+
         $c->stash->{user_roles} //= { map { $_ => 1 }  @roles };
         return $c->stash->{user_roles};
     });
diff --git a/openapi.yaml b/openapi.yaml
index 2a3f3d9b8438420273de882c44f8fc5d87c26c98..2e4991a7057fe416e9734c3637087a780cf0b13a 100644
--- a/openapi.yaml
+++ b/openapi.yaml
@@ -1,7 +1,7 @@
 openapi: 3.0.3
 
 info:
-  version: 1.7.0
+  version: 1.8.0
   title: CF Online
   description: CF Online
   license:
@@ -124,6 +124,7 @@ components:
             type: string
         jitsi_url:
             type: string
+            nullable: true
         is_banned:
             type: boolean
     Announcement: