If the tenant is only utilizing FlexOrgs it is possible to bypass the need to pass an "Organization" attribute as part of the SSO assertion, and instead leverage the existing "roles" attribute in order to map user through to the Usergroups and Roles/Organizations automatically.
Checking your users they each appear to pass the following roles - "cloudhealth-standard" or "cloudhealth-administrator" in order to leverage the role as mentioned above you would want to follow these steps to update each of the Usergroups so that users are mapped to the Usergroups based on the role they pass.
1. Navigate to the Administrators Usergroup Setup -> Admin -> Usergroups -> Administrator
2. Select the Details tab and select the Edit option
3. Specify a SSO Key of "roles", alongside a value of "cloudhealth-administrator" see below, and hit Save User Group
4. Repeat this same process for the Standard Users usergroup, and Power users usergroup updating the SSO Value set to "cloudhealth-standard" and "cloudhealth-power" respectively.
This will ensure that users passing any of these roles are automatically mapped to the appropriate Usergroup which will grant them their "Role Document" and access to FlexOrg(s).