Multi tenant database behind API, need to identify the user/tenant

I think custom claims could help you out here.

The docs above are for the ID token, but will work just fine for the access token as well. Basically you can add a claim like http://example.com/tenant that contains the name of the company/tenant that the user is allowed to access. The way to add custom claims is through rules.

Keep in mind that to be OIDC conformant, you need to namespace your custom claims. That’s why I put http://example.com/ in my example.

1 Like
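
The approach in the reply above, as an added example that is not part of the original post: a rule that puts the namespaced tenant claim into the access token, and the API-side check that reads the tenant only from the verified token. The `(user, context, callback)` rule signature with `context.accessToken`, the `app_metadata.tenant` field, the `invoices` table and the function names are assumptions made for illustration.

```javascript
// Added example. Assumed: rule signature (user, context, callback) and a
// hypothetical user.app_metadata.tenant field holding the tenant name.
const TENANT_CLAIM = 'http://example.com/tenant'; // namespaced, as in the post

// Identity-provider side: copy the user's tenant into the access token.
function addTenantClaim(user, context, callback) {
  const tenant = (user.app_metadata || {}).tenant;
  if (typeof tenant !== 'string' || tenant === '') {
    // Fail closed: a user without a tenant assignment gets no token.
    return callback(new Error('user has no tenant assigned'));
  }
  context.accessToken = context.accessToken || {};
  context.accessToken[TENANT_CLAIM] = tenant;
  return callback(null, user, context);
}

// API side: `payload` is the decoded access token AFTER the JWT library has
// verified signature, issuer, audience and expiry. Never pass unverified input.
function tenantFromClaims(payload) {
  const tenant = payload[TENANT_CLAIM];
  if (typeof tenant !== 'string' || !/^[a-z0-9_-]{1,64}$/i.test(tenant)) {
    throw new Error('access token carries no valid tenant claim');
  }
  return tenant;
}

// Build a tenant-scoped, parameterized query (hypothetical `invoices` table).
// The tenant comes only from the token; a tenant value sent by the client in
// the URL, body or headers is ignored.
function scopedInvoiceQuery(payload, requestParams) {
  const tenant = tenantFromClaims(payload);
  return {
    text: 'SELECT id, total FROM invoices WHERE tenant = $1 AND id = $2',
    values: [tenant, String(requestParams.invoiceId)],
  };
}
```
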