diff --git a/tls/src/main/java/org/bouncycastle/jsse/BCSSLEngine.java b/tls/src/main/java/org/bouncycastle/jsse/BCSSLEngine.java
index ffa30b6338..36e6d40900 100644
--- a/tls/src/main/java/org/bouncycastle/jsse/BCSSLEngine.java
+++ b/tls/src/main/java/org/bouncycastle/jsse/BCSSLEngine.java
@@ -50,4 +50,10 @@ public interface BCSSLEngine
      *             if the cipherSuites or protocols properties contain unsupported values
      */
     void setParameters(BCSSLParameters parameters);
+
+    /**
+     * Returns the name of the negotiated group for a TLS 1.3 connection. Other TLS versions will always return "UNKNOWN".
+     * @return the name of the negotiated group
+     */
+    String getNegotiatedGroup();
 }
diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/ProvSSLEngine.java b/tls/src/main/java/org/bouncycastle/jsse/provider/ProvSSLEngine.java
index d0a0b8bf35..cbfcb75b49 100644
--- a/tls/src/main/java/org/bouncycastle/jsse/provider/ProvSSLEngine.java
+++ b/tls/src/main/java/org/bouncycastle/jsse/provider/ProvSSLEngine.java
@@ -415,6 +415,12 @@ public synchronized void setParameters(BCSSLParameters parameters)
         SSLParametersUtil.setParameters(this.sslParameters, parameters);
     }
 
+    @Override
+    public String getNegotiatedGroup()
+    {
+        return protocol.getNegotiatedGroup();
+    }
+
     // An SSLEngine method from JDK 6
     public synchronized void setSSLParameters(SSLParameters sslParameters)
     {
diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java b/tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java
index a639d1fd24..2dfc185b45 100644
--- a/tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java
+++ b/tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java
@@ -2283,4 +2283,14 @@ protected static void writeSupplementalData(OutputStream output, Vector suppleme
 
         TlsUtils.writeOpaque24(supp_data, output);
     }
+
+    /**
+     * Returns the name of the negotiated group for a TLS 1.3 connection. Other TLS versions will always return "UNKNOWN".
+     * @return the name of the negotiated group
+     */
+    public String getNegotiatedGroup()
+    {
+        final int negotiatedGroup = getContext().getSecurityParameters().getNegotiatedGroup();
+        return NamedGroup.getName(negotiatedGroup);
+    }
 }