diff --git a/bitwarden_license/src/Portal/EnterprisePortalCurrentContext.cs b/bitwarden_license/src/Portal/EnterprisePortalCurrentContext.cs
index 3e03535dfd..c38937337f 100644
--- a/bitwarden_license/src/Portal/EnterprisePortalCurrentContext.cs
+++ b/bitwarden_license/src/Portal/EnterprisePortalCurrentContext.cs
@@ -52,7 +52,8 @@ namespace Bit.Portal
 
             // TODO: maybe make loading orgs Lazy<T> somehow?
             var orgUserRepo = _serviceProvider.GetRequiredService<IOrganizationUserRepository>();
-            var userOrgs = await orgUserRepo.GetManyDetailsByUserAsync(UserId.Value);
+            var userOrgs = await orgUserRepo.GetManyDetailsByUserAsync(UserId.Value,
+                Core.Enums.OrganizationUserStatusType.Confirmed);
             OrganizationsDetails = userOrgs.ToList();
             Organizations = userOrgs.Select(ou => new CurrentContentOrganization
             {
diff --git a/src/Api/Controllers/OrganizationsController.cs b/src/Api/Controllers/OrganizationsController.cs
index 0ae46fae3d..7421e7f238 100644
--- a/src/Api/Controllers/OrganizationsController.cs
+++ b/src/Api/Controllers/OrganizationsController.cs
@@ -139,7 +139,8 @@ namespace Bit.Api.Controllers
         public async Task<ListResponseModel<ProfileOrganizationResponseModel>> GetUser()
         {
             var userId = _userService.GetProperUserId(User).Value;
-            var organizations = await _organizationUserRepository.GetManyDetailsByUserAsync(userId);
+            var organizations = await _organizationUserRepository.GetManyDetailsByUserAsync(userId,
+                OrganizationUserStatusType.Confirmed);
             var responses = organizations.Select(o => new ProfileOrganizationResponseModel(o));
             return new ListResponseModel<ProfileOrganizationResponseModel>(responses);
         }
diff --git a/src/Core/IdentityServer/BaseRequestValidator.cs b/src/Core/IdentityServer/BaseRequestValidator.cs
index cf679248ce..d881560ce7 100644
--- a/src/Core/IdentityServer/BaseRequestValidator.cs
+++ b/src/Core/IdentityServer/BaseRequestValidator.cs
@@ -301,7 +301,8 @@ namespace Bit.Core.IdentityServer
                 if (ssoOrgs.Any())
                 {
                     // Parse users orgs and determine if require sso policy is enabled
-                    var userOrgs = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id);
+                    var userOrgs = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id,
+                        OrganizationUserStatusType.Confirmed);
                     foreach (var userOrg in userOrgs.Where(o => o.Enabled && o.UseSso))
                     {
                         var orgPolicy = await _policyRepository.GetByOrganizationIdTypeAsync(userOrg.OrganizationId,