Clean Architecture and Asp.net Identity

Question

I'm playing around with Clean Architecture and have the following project layout

• Domain (Entities, Exceptions, enums etc.)
• Application (CQRS and interfaces for external stuff "get me stuff from somewhere", "send an email" etc)
• Infrastructure (ef core stuff, send email implementation etc)
• UI (simple razor pages app)

I want to use asp.net identity for authentication / authorisation so wanted to define an AppUser class within domain project but I cant because then that would mean adding a reference to "Microsoft.AspNetCore.Identity.EntityFrameworkCore" which to my understanding goes against clean architecture. The Domain layer should have no external references is what I've read in multiple places.

I'm currently toying with the idea of adding a new assembly Infrastructure.Security and have all of the security related code housed in there. Then any domain item that needed a user association would just have a new field UserId, I would still define all of the required interfaces within the Application layer and this new Infrastructure.Security layer would just implement said interface(s). It seems to fit with the clean architecture ethos because should I want to swap out asp.net identity for another technology its just a case of replacing this Infrastructure.Security.

Has anyone else run into the same issue, does my solution seem like a sensible approach?

I'm open to suggestions and / or better ideas, I must admit I'm completely new to Clean Architecture but like what I have seen and can see the merit behind it.