diff --git a/docs/reference/configuration/Single Sign-On/group-based-auth.md b/docs/reference/configuration/Single Sign-On/group-based-auth.md
index f494afbd97..da71639211 100644
--- a/docs/reference/configuration/Single Sign-On/group-based-auth.md
+++ b/docs/reference/configuration/Single Sign-On/group-based-auth.md
@@ -9,6 +9,8 @@ Group-based authorization allows to control access to a specific application bas
 | `Admin` | `/UDS Core/Admin` | Defined for Administrators |
 | `Auditor` | `/UDS Core/Auditor` | Defined for regular Users |

+The `/` character is used to define group hierarchy in Keycloak. To include it as part of a group name, escape it with a `~`, for example: `a~/b~/c`.
+
 Below is an example to configure authorization based on the `Admin` (`/UDS Core/Admin`) Group:

 ```yaml
diff --git a/src/keycloak/chart/templates/statefulset.yaml b/src/keycloak/chart/templates/statefulset.yaml
index 2269e87f92..fbd6aee13a 100644
--- a/src/keycloak/chart/templates/statefulset.yaml
+++ b/src/keycloak/chart/templates/statefulset.yaml
@@ -116,6 +116,10 @@ spec:
 - name: KC_HTTPS_CLIENT_AUTH
 value: request

+ # Escape Slashes in Group Names
+ - name: KC_SPI_GROUP_JPA_ESCAPE_SLASHES_IN_GROUP_PATH
+ value: "true"
+
 ## Activate the nginx provider
 - name: KC_SPI_X509CERT_LOOKUP_PROVIDER
 value: nginx
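Review bot: The comment `# Escape Slashes in Group Names` on the new `KC_SPI_GROUP_JPA_ESCAPE_SLASHES_IN_GROUP_PATH` entry says what the flag does but not why it is pinned to `"true"`, and the reason looks security-relevant. Group-based authorization here compares full group paths such as `/UDS Core/Admin`, so without escaping, a group whose name itself contains `/` would presumably render the same path string as a nested group; I would say so in the comment, e.g. `# Escape "/" inside group names as "~/" so a name containing "/" cannot be mistaken for a nested group path by path-based authorization`. Enabling the flag also changes the path emitted for any existing group with a `/` in its name, so anything matching the old unescaped string would likely stop matching after upgrade, which deserves a line in the upgrade notes. The env list this entry belongs to starts and ends outside the hunk.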