Oh, I see your point now.
Would you mind leaving that feedback at Auth0: Secure access for everyone. But not just anyone.? That goes directly to the Product team, so if you can explain the scenario there, this is great input for them.
In the meantime, if you plan on linking accounts from multiple Azure AD sources and use groups for authorization purposes, it might be a good idea to use Rules and talk directly to the Azure graph API to get the information directly from them.
There’s also a related issue that you might run into: Auth0 won’t fetch the users or extended profile for users coming from a different Azure AD than the domain defined for the connection (i.e. if you use the common authentication endpoint, combined with a “multi-tenant” app registration in Azure).
This gist fetches groups for users coming from a different tenant than the one used in the connection. You can tweak it to add the tenant name, or other information that could be useful for your authorization needs related to groups. 