The below error may occur when an Episerver solution is switched over from ASP.NET Membership to ASP.NET Identity so that OAuth can be used. This works for site users and for the Episerver backend, but for the Commerce Manager, the error below is shown. (“Default Membership Provider must be specified.”)
The issue was caused by that the Apps\Shell\Pages\Login.aspx bundled with the 10.8 version of the Episerver.CommerceManager NuGet package contains a panel with id RegisterPanel. The panel apparently contains a control that tries to load the default membership provider. If the panel is removed from the Login.aspx the error disappears.
As a side note, the register panel does not exist in the newest version the Episerver.CommerceManager NuGet package 11.8.1.
So basically 2 things needed to be done besides what is mentioned in the Episerver Commerce documentation on "Support for OpenID Connect in Episerver Commerce" (https://world.episerver.com/documentation/developer-guides/commerce/security/support-for-openid-connect-in-episerver-commerce/).
1. The code-behind for Login.aspx and Logout.aspx needs to be replaced in the Commerce Manager project.
This can be done by copying the Login.aspx.cs, Login.aspx.designer.cs and Logout.aspx.cs from the Quicksilver EPiServer.Reference.Commerce.Manager project and adding the UpdateLoginPage after build task, from the same project to the Commerce Manager csproj file.
2. Remove the register panel from the Login.aspx.
I've done this by extending the UpdateLoginPage build task with the following lines of code.
// Remove RegisterPanel in order to avoid Membership provider not found error when using OWIN authentication
var pageFile = File.ReadAllText(pagePath);
var panelRegEx = new Regex("<asp:Panel ID=\"RegisterPanel\".*?</asp:Panel>", RegexOptions.Singleline);
pageFile = panelRegEx.Replace(pageFile, string.Empty, 1);