Secure Server-to-Server Communication with Spring Boot and OAuth 2.0

Brian Demers

More great questions!

1.) The example does JWT (local) validation. This is configured here.

2.) I would recommend against email addresses when possible; they change (infrequently). For example, name changes are common for marriages, adoptions, or in some cases just because. The claims used in the tokens are specific to the type of token you have; you should be able to get the user’s id from the uid claim (if you have an access token).

3.) SCIM might be overkill for your use-case. It has more to do with federating users between systems.
See: https://developer.okta.com/…
There is also a SCIM talk (and a bunch of other developer talks) next week at our (free) virtual conference, Oktane: https://www.okta.com/oktane…

It’s hard to give advice with only knowing a little about your application (this is a general statement and not related to your questions :wink:). But this is partially the reason why I pointed you to JHipster, as that pushes the authentication concerns to the backend (which is ideal when possible). To get the same custom login experience as you would with the Vue plugin (both domain and form) you can enable the custom domain feature.

Let us know if you have more questions!

Akash Mulik

Very informative article. Thank you