Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Fyi: Not affiliated with ory

My team tried both ory &amp; keycloak. 
Found keycloak more annoying to deploy in modern cloud, harder to customize, less maintained (red hat is not obligated to patch zero-days like they do for their paid auth offering), and has certain show-stopping performance edge-cases if you need large scale multi-tenancy &amp; other niche features.

Both took a decent amount of work to integrate with our existing app since we wanted more control than a publicly exposed instance; we expose our own custom interfaces / UI and proxy calls to ory where needed.

Not going to lie and say ory has been perfect, but it HAS been the best open source (or self hosted) solution we've assessed / used when flexibility or scalability was important.

May be worth evaluating the level of maturity your team needs. If you're using a framework like rails or Django, it could pay dividends to use some auth libs tightly integrated with those. 

Ory is great for polyglot / microservice setups &amp; can be drop-in for projects where their pre-designed auth flows meet your needs. More work if those flows aren't sufficient