Declarative identity management with GitOps workflows for production-ready Kanidm clusters
Kaniop is an open-source Kubernetes operator that automates the deployment and management of Kanidm identity clusters. It transforms identity management into a cloud-native, declarative experience using familiar Kubernetes manifests.
With Kaniop, you can manage users, groups, OAuth2 clients, and POSIX accounts through GitOps workflows, ensuring your identity infrastructure is as scalable and reliable as your applications.
Define your identity infrastructure as code using Kubernetes Custom Resources and GitOps workflows
High-availability Kanidm clusters with automatic scaling, health monitoring, and disaster recovery
Manage users, groups, OAuth2 clients, POSIX accounts, and authentication policies in one place
Built for Kubernetes with native integration, RBAC support, and seamless CI/CD workflows
Comprehensive monitoring, logging, and tracing with OpenTelemetry integration
Version-controlled identity management with automated deployments and rollback capabilities
Install Kaniop and deploy your first Kanidm cluster with just a few commands:
Full Quickstart Guide# Install Kaniop
helm install kaniop oci://ghcr.io/pando85/helm-charts/kaniop \
--create-namespace --namespace kaniop
# Deploy a Kanidm cluster
kubectl apply -f https://raw.githubusercontent.com/pando85/kaniop/refs/heads/master/examples/kanidm-tls.yaml
kubectl apply -f https://raw.githubusercontent.com/pando85/kaniop/refs/heads/master/examples/kanidm.yamlKaniop is an open-source project welcoming contributions from developers, operators, and identity management enthusiasts.