Support organization parameter in Refresh Token and Password flow

Feature: Add support for organization parameter in Refresh Token and Password flow.

Description: Authorization Code currently supports the organization parameter, Authenticate a user through an organization. It is not only that org_id claim is being added to the token, but also the information about the organization is added to the rule/action context. However, this is not the case for Refresh Token and Password flow, where the parameter is being ignored.

Use-case: Currently, we have to make a separate request to Organizations API, which is a part of Management API, in order to get organization information in our custom rules, when we handle authentication in Refresh Token and Password Flow. Having organization info pre-populated in the context (it is how it works now with Authorization Code) is very convenient, because it allows us avoiding hitting Management API rate limits and besides improves performance of the authentication process.

I would like to add an important detail here. Refresh Token flow indeed sets the org_id claim, if the refresh token itself has previously been obtained with the organization parameter. However, in our case, we would like the parameter to be supported in the refresh token request, so that an Organization could be selected, even though it has not been selected on the initial authentication.

Hey @serp thanks for the feedback :smile:

Our product team monitors these requests for community engagement so let’s hope this gets some upvotes from other members! :chart_with_upwards_trend: