lmidentityd is a LinuxMice-authored Rust identity service. Katteke is not adopting or forking Kanidm or Rauthy as the product core.
The current alpha supports one organization, users, groups, roles, PostgreSQL migrations, Argon2id passwords, OIDC Authorization Code with mandatory S256 PKCE, signed tokens, userinfo, revocation, rotating refresh tokens, recovery codes, audit events, and a secret-free directory export. Machine and service PKI remain a separate trust boundary.
Roles and groups are not yet emitted or enforced as authorization claims, and the directory export is not a restore format. TLS termination, conformance, backup/restore exercises, passkeys, federation, dependency review, penetration testing, and independent security review remain open. No enterprise identity, certification, or production-readiness claim is made.