Keycloak as IdP
LDAP via control.vshn.net
We can use the existing infrastructure to manage users and organizations.
There is id.vshn.net which we could integrate APPUiO Cloud customers.
Each APPUiO instance brings its own Keycloak. This still leaves doors open for federation scenarios or other social logins like GitHub or Google.