We have Grafana setup with AzureAD, and authentication works fine, but there is a small glitch if you have multiple organisation.
If an admin assigned access to multiple organisation for a AzureAD user, next time the user will login via AzureAD SSO will get access only to the default org usually Main, and assigments to the other organisation will be removed from the user.
How to preserve those settings? Should those be added into AzureAD payload and roles assignment in Azure to be passed on to Grafana? how Grafana could parse those if this is the case? Currently in our case this is the only aspect that is blocking us from fully enrolling AzureAD SSO for our users.