Anderson Fariña tagged a release candidate of Kotauth, a "docker-oriented full authentication service inspired by keycloak." It's designed to be fully OAuth2/OIDC compliant and spin up very easily, and supports what looks like most of the features one would expect from a full authentication/authorization service: token management and rotation, multitenancy, roles, social login with Google and Github, and more.
It could fulfill a very real gap: authorization and authentication services tend to be very low-ceiling until they're not. Keycloak, Auth0, and Clerk all work for development but with different burdens: either configuration madness with Keycloak, or a drastic migration (or a pricing boundary) with Auth0 or Clerk, and developers typically have to choose which problem to put in their future migration plan.
It's built on ktor and exposed, for the most part (with a few more dependencies, but nothing seems unexpected) and seems well-designed on the surface. The project is looking for stress testers and feedback. If you've had to wrestle with Keycloak or are dreading the Auth0 renewal quote, this project might be very interesting. It's a problem space this site has had to deal with and will have to deal with in the future itself: Kotauth was released a month too late!
Worth watching.