diff --git a/cspell.json b/cspell.json
index ef3e3d53619..d4d087165c3 100644
--- a/cspell.json
+++ b/cspell.json
@@ -247,6 +247,7 @@
 "aws-sdk-ios",
 "aws.cognito.signin.user.admin",
 "aws",
+ "Authadmin",
 "AWSAPI",
 "AWSAPIGateway",
 "AWSAPIPlugin",
diff --git a/src/pages/[platform]/build-a-backend/auth/use-existing-cognito-resources/index.mdx b/src/pages/[platform]/build-a-backend/auth/use-existing-cognito-resources/index.mdx
index ceb0aa498c6..4902c716ee2 100644
--- a/src/pages/[platform]/build-a-backend/auth/use-existing-cognito-resources/index.mdx
+++ b/src/pages/[platform]/build-a-backend/auth/use-existing-cognito-resources/index.mdx
@@ -150,6 +150,24 @@ export const auth = referenceAuth({
 });
 ```
+Additionally, you can also use the `groups` property to reference groups in your user pool. This is useful if you want to work with groups in your application and provide access to resources such as storage based on group membership.
+
+```ts title="amplify/auth/resource.ts"
+import { referenceAuth } from '@aws-amplify/backend';
+import { getUser } from "../functions/get-user/resource";
+
+export const auth = referenceAuth({
+ userPoolId: 'us-east-1_xxxx',
+ identityPoolId: 'us-east-1:b57b7c3b-9c95-43e4-9266-xxxx',
+ authRoleArn: 'arn:aws:iam::xxxx:role/amplify-xxxx-mai-amplifyAuthauthenticatedU-xxxx',
+ unauthRoleArn: 'arn:aws:iam::xxxx:role/amplify-xxxx-mai-amplifyAuthunauthenticate-xxxx',
+ userPoolClientId: 'xxxx',
+ groups: {
+ admin: "arn:aws:iam::xxxx:role/amplify-xxxx-mai-amplifyAuthadminGroupRole-xxxx",
+ },
+});
+```
+
 In a team setting you may want to reference a different set of auth resources depending on the deployment context. For instance if you have a `staging` branch that should reuse resources from a separate "staging" environment compared to a `production` branch that should reuse resources from the separate "production" environment. In this case we recommend using environment variables.
 ```ts title="amplify/auth/resource.ts"