> SAML allows you to send additional attributes with the identity payload, like group memberships.

This is how OIDC does it, too; group membership is a claim.