Looks like this is being worked on in the underlying auth0-spa-js library but could take some time to pass testing and for the react library to be updated.
auth0:master ← auth0:sdk-2692/org-cookie
opened 09:18PM - 03 Sep 21 UTC
Key changes:
* If an `org_id` claim is returned in the ID token, the SDK stor… es it in a new cookie to act as a "hint" for silent authentication
* When doing `getTokenSilently` with iframe + `prompt=none`, if the hint cookie is available and no value for `organization` was given in the options, the value from the cookie is read and sent to the authorization request
* If the hint cookie is available and `organization` is present in the options, the options value takes precedence
* The cookie is removed on logout
* The cookie is removed if there is no `org_id` claim in the ID token
I also evolved the playground a bit so that you can toggle the organization ID being passed through constructor options or directly to `loginWithRedirect`. I also added JSON output at the bottom so that the options being used to initialize the SDK are visible.