Need help with setup best practice

[Rich S]

Greets, all:

We're in the process of setting up a WebDirect connection for clients to view and register for courses that our department's Professional Development staff offer to local school personnel (...with the ability to pay for those same courses online, but that's coming later). School staff will be able to sign in using their ADFS/Active Directory credentials, whereas non-school personnel will create their own login credentials that'll be stored in their personal CLIENT record.

Where I'm stuck is by what mechanism should clients log in? Since we'll have both AD-credential'd and non-AD-credential'd clients, should I create a standalone login database that allows everyone to log in as a guest and from there, they click a radio button that asks if they're district employees or guests then they're shunted to a another file where they log in with proper proper credentials and are then shunted to the registration database, or...? Also, should I even bother creating separate login files, or just add extra (and secure) tables to the registration database itself so it's a one-stop-shop place for everything to happen?

I read with interest How FIleMaker Developers Can Extend Authentication Options with New Additional OAUTH2 Identity Providers in the FIleMaker Platform--Addendum 4--Authentication with ADFS by FMP notables Wim Decorte and Steven Blackwell, but my density has prevented me from gleaning an answer from the document.

As always, thanks in advance for your input!

Rich