How can I make Discourse use Asp.Net Core 3.1 webapp as an Identity Provider

Here’s the problem I’m trying to solve:

  1. I have an Asp.net Core 3.1 web app with Identity (not Identity Server - yet) running at beta.example.com. Users can register, create profiles, sign in with Google/FB, etc. Bog standard ASP.net Authentication/Authorization, no real modifications to the code.
  2. I also have a Discourse forum running under a subdomain (forumbeta.example.com).

I would like the user store to be maintained in the dotnet core app. The app will be the Identity Provider. When a user tries to sign in to Discourse, discourse should ask the web app for the user’s info (name, email, possibly other attributes). If the user exists in the web app and is already signed in, discourse should sign the user into Discourse and allow them to post. If the user doesn’t exist or isn’t signed in, they should get redirected to the app’s signin/register page and either create an account or sign up - and then get redirected back to discourse.

I’ve been doing a lot of reading on the subject, and it appears that I need to install and set up Identity Server 4 on the dotnet app, which will enable it to be an Identity Provider. Then, apparently, I either need to

  1. Use Discourse’s inbuilt SSO functionality
    OR
  2. Install an Oauth2 plugin into Discourse and then configure it

I’m somewhat lost at this point and would love some experienced help to tell me how to proceed. The information on the web is somewhat outdated and I don’t want to spend hours going down a blind alley.