Description

To maintain database integrity all backoffice user details are required in the client (not umbraco) database.

Preferably I would not want to store any backoffice user details within umbraco due to data duplication / update sync etc.

Am comfortable with both OAuth / OpenId Connect and Asp.net Identity.

My preferred option would be one or combination of:

1. Identity server
2. Replace the umbraco user store used by the user provider and point to the client db

Questions

1. For both options I don't really want to populate the umbraco db user (and user role user2app etc. associated) tables. Will everything within umbraco still work correctly without these tables if the thread user identity is correctly set by middleware?

2. I've looked at shazzawazzas comments re user store (option 2). Is this all that is required to get it working, or will I need to rewrite the user manager & role provider classes? Have owin registered an example, but it seems more than just the user store required.

3. Login screen (option 1) - is there an easy way to ignore the umbraco backoffice login screen and bounce to identity server to authenticate (assuming on return I can set identity, process claims etc.) i.e. follow standard open id connect login workflow?

4. Any opinions on a better way?