Self-hosted identity server landscape is a mess

I've been scanning the entire internet for a self-hosted identity server to run a SaaS application (mobile/web) and secure my REST API endpoints, but there seem to be no really good ones out there without making massive compromises.

I am burnt out researching all these platforms that fall short on something.

All open source alternatives fall short the moment you need organizations and teams.

- Keycloak - complicated, overbloated?

- Zitadel - does not support groups/teams

- SuperTokens - not true open source, $200+/month because I need multi-tenancy + 2FA (on the self-hosted plan)

- FusionAuth - paywalls you from essential features; they are not true open source

- Supabase Auth does not have orgs/teams and you have to do all that logic yourself

- Fief - looks good but not mature enough yet (no 2FA etc.)

What I basically need for this project is:

- user registry

- auth, OAuth, M2M, etc.

- B2C and B2B

- Organizations with teams/groups (multi tenant)

- RBAC

- Multi-language support

- User invites to their own teams/org

- Social logins

- 2FA

- User impersonation is a plus

- + the expected basics like a backend dashboard

What else is there that has all this?

Let's not even bring up the SSO pricing schemes.

I am not fully opposed to paying for a cloud provider, but seeing the prices the moment you need something more than MAU just forces me to go back to doing it myself in Supabase.