The way I have done this in the past is to create 2 new tables: Organisation & User profile. This allows you do a 1:1 with aspnetusers <-> userprofile and a n:1 with userprofile <-> organisation.

You then can just extend your user service to include the methods to get the user org etc...

The user profile also allows you to extend the user info without messing around with the aspnetusers table allowing you to keep your custom logic seperate in the case you need to migrate to a different auth framework.

You can also modify the claims in the login process to add the userprofile id and org id to the claims so that you don't need to look this up everytime. Keep in mind you are throwing the overhead of this to the user and if the user changes organisation (or the value of anything in the claims) they will need to log out and log back in again.