Looks like I will be expanding my collection of identity providers (Authentik, Keycloak, Synology SSO, Pocket ID and Zitadel) that can be used with vCenter Server and/or VMware Cloud Foundation (VCF) Identity Federation!
Fellow colleague Eric Gray just made me aware of another self-hosted IdP called Kanidm, which he had success setting up and thought I might be interested in.
Kanidm is another basic, free IdP that is easy to set up for playing with vCenter Server and/or VCF Identity Federation. What makes this IdP unique is that it is completely managed using a CLI; there is no web interface like the ones listed above.
Additionally, Kanidm supports both traditional username/password authentication and modern passkeys. If you decide to use traditional passwords, Kanidm requires you to set up Time-based One-Time Passwords (TOTP) using something like Google Authenticator, which provides another factor of authentication. That is pretty neat!