To resolve this issue, group name used for role mapping should be added as an available group using the group membership.
- Login to admin console
- Navigate to Users > User Realms > [REALM NAME] > Role Mapping
- Click New Rule
- From Rule Based On drop-down, select Group Membership
- Click Update
- Click Groups...
- From the server catalog menu, click Search
- From the results, select all group names used for all custom expressions rules
- Click Add Selected
- Click OK
Once the group name are added under Available Groups, please have the end user attempt to authenticate again.