diff --git a/coderd/userauth.go b/coderd/userauth.go
index dbb01f12e31ad..3b83d1ed696e1 100644
--- a/coderd/userauth.go
+++ b/coderd/userauth.go
@@ -1342,14 +1342,16 @@ func (api *API) oauthLogin(r *http.Request, params *oauthLoginParams) ([]*http.C
 		// with OIDC for the first time.
 		if user.ID == uuid.Nil {
 			var organizationID uuid.UUID
+			// Ignoring this error is a product of our unit tests. In prod this should never
+			// happen. Unit tests use this as a shortcut to making a new organization. We
+			// should really fix our unit tests and remove this.
 			//nolint:gocritic
-			organizations, _ := tx.GetOrganizations(dbauthz.AsSystemRestricted(ctx))
-			if len(organizations) > 0 {
-				// Add the user to the first organization. Once multi-organization
-				// support is added, we should enable a configuration map of user
-				// email to organization.
-				organizationID = organizations[0].ID
-			}
+			organization, _ := tx.GetDefaultOrganization(dbauthz.AsSystemRestricted(ctx))
+
+			// Add the user to the default organization.
+			// Once multi-organization we should check some configuration to see
+			// if we should add the user to a different organization.
+			organizationID = organization.ID
 
 			//nolint:gocritic
 			_, err := tx.GetUserByEmailOrUsername(dbauthz.AsSystemRestricted(ctx), database.GetUserByEmailOrUsernameParams{
@@ -1395,7 +1397,7 @@ func (api *API) oauthLogin(r *http.Request, params *oauthLoginParams) ([]*http.C
 				// All of the userauth tests depend on this being able to create
 				// the first organization. It shouldn't be possible in normal
 				// operation.
-				CreateOrganization: len(organizations) == 0,
+				CreateOrganization: organizationID == uuid.Nil,
 				LoginType:          params.LoginType,
 			})
 			if err != nil {