There are a lot other identity providers around you can pick from, I merely mentioned it as I personally use it, as it's so easy to run and integrate with social auth - and comes with features such as simple password-less auth.

The forward auth/proxy auth is not a keycloak feature, it's a proxy feature, which just need some identity provider. If you look for the mentioned term via Google or AI/llm you will find multiple options, some of which are as easy to setup as a simple docker run cmd with an open port

I.e. https://docs.goauthentik.io/add-secure-apps/providers/proxy/...