feat(identity): landing page

.ruby-version

@@ -1 +1 @@
-3.4.4
+3.4.9

app/_event_gateway_policies/acl/index.md

@@ -65,7 +65,7 @@ rows:
       If your Kafka topics follow a naming convention with prefixes, you can easily organize them into categories with {{site.event_gateway}} by using a combination of namespaces, forwarding policies, and ACL policies.
   - use_case: "[How-to: Secure Kafka traffic in {{site.event_gateway_short}} with Kong Identity and ACLs](/how-to/event-gateway/kong-identity-oauth/)"
     description: |
-      Using [Kong Identity](/kong-identity/) as an auth server, verify client OAuth tokens through a virtual cluster, and apply an ACL policy to restrict access to a specific client.
+      Using [Kong Identity](/kong-identity/reference/) as an auth server, verify client OAuth tokens through a virtual cluster, and apply an ACL policy to restrict access to a specific client.
 {% endtable %}
 <!--vale on-->
 

app/_how-tos/dev-portal/kong-identity-dcr.md

@@ -27,7 +27,7 @@ search_aliases:
 tldr:
     q: How do I automatically create and manage Dev Portal applications in Kong Identity?
     a: |
-      You can use Dynamic Client Registration to automatically create Dev Portal applications in [Kong Identity](/kong-identity/). First, create an auth server for Kong Identity and copy your Issuer URL. Then, create a new DCR provider in your Dev Portal settings and create a new auth strategy for DCR. Apply the auth strategy to published APIs.
+      You can use Dynamic Client Registration to automatically create Dev Portal applications in [Kong Identity](/kong-identity/reference/). First, create an auth server for Kong Identity and copy your Issuer URL. Then, create a new DCR provider in your Dev Portal settings and create a new auth strategy for DCR. Apply the auth strategy to published APIs.
 
 prereqs:
   entities:

app/_how-tos/event-gateway/kong-identity-oauth.md

@@ -50,7 +50,7 @@ related_resources:
   - text: Event Gateway
     url: /event-gateway/
   - text: "Kong Identity"
-    url: /kong-identity/
+    url: /kong-identity/reference/
   - text: Dynamic claim templating
     url: /kong-identity/#dynamic-claim-templates
   - text: Event Gateway ACL policy

app/_how-tos/gateway/configure-kong-identity-oauth-introspection.md

@@ -17,6 +17,7 @@ works_on:
   - konnect
 tags:
     - authentication
+    - kong-identity
 description: Learn how to configure Kong Identity with OAuth 2.0 Introspection.
 
 tldr: 
@@ -42,7 +43,7 @@ faqs:
 automated_tests: false
 related_resources:
   - text: "Kong Identity"
-    url: /kong-identity/
+    url: /kong-identity/reference/
   - text: Dynamic claim templating
     url: /kong-identity/#dynamic-claim-templates
   - text: Configure the OIDC plugin with Kong Identity

app/_how-tos/gateway/configure-kong-identity-oidc.md

@@ -17,6 +17,7 @@ works_on:
   - konnect
 tags:
     - authentication
+    - kong-identity
 description: Learn how to configure Kong Identity with OIDC.
 
 tldr: 
@@ -49,7 +50,7 @@ faqs:
 automated_tests: false
 related_resources:
   - text: "Kong Identity"
-    url: /kong-identity/
+    url: /kong-identity/reference/
   - text: Dynamic claim templating
     url: /kong-identity/#dynamic-claim-templates
   - text: Configure the OAuth 2.0 Introspection plugin with Kong Identity

app/_how-tos/gateway/configure-kong-identity-upstream-oauth.md

@@ -17,6 +17,7 @@ works_on:
   - konnect
 tags:
     - authentication
+    - kong-identity
 description: Learn how to configure Kong Identity with Upstream OAuth.
 
 tldr: 
@@ -42,7 +43,7 @@ faqs:
 automated_tests: false
 related_resources:
   - text: "Kong Identity"
-    url: /kong-identity/
+    url: /kong-identity/reference/
   - text: Dynamic claim templating
     url: /kong-identity/#dynamic-claim-templates
   - text: Configure the OIDC plugin with Kong Identity

app/_includes/how-tos/steps/konnect-identity-server-scope-claim-client.md

@@ -76,7 +76,7 @@ body:
 {% endkonnect_api_request %}
 <!--vale on-->
 
-You can also configure dynamic custom claims with [dynamic claim templating](/kong-identity/#dynamic-claim-templates) to generate claims during runtime.
+You can also configure dynamic custom claims with [dynamic claim templating](/kong-identity/reference/#dynamic-claim-templates) to generate claims during runtime.
 
 ## Create a client in the auth server
 

app/_landing_pages/event-gateway.yaml

@@ -256,7 +256,7 @@ rows:
                     - outcome: |
                         Replace legacy auth methods with modern enterprise identity standards your team already uses
                       feature: |
-                        [OAuth](/kong-identity/)
+                        [OAuth](/kong-identity/reference/)
                       guide: |
                         [Set up {{site.event_gateway_short}} with Kong Identity OAuth](/event-gateway/kong-identity-oauth/)
                     - outcome: |

app/_landing_pages/kong-identity.yaml

@@ -0,0 +1,162 @@
+metadata:
+  title: "Kong Identity"
+  content_type: landing_page
+  description: "Unified machine-to-machine authentication platform within Kong Konnect."
+  products:
+    - konnect
+  works_on:
+    - konnect
+rows:
+  - header:
+      type: h1
+      text: "Kong Identity"
+      sub_text: "The unified machine-to-machine authentication platform"
+
+  - header:
+      type: h2
+      text: "Introducing Kong Identity"
+    columns:
+      - blocks:
+          - type: text
+            config: |
+                Kong Identity provides a single platform to manage traffic policy and identity policy with the [Konnect API](/api/konnect/kong-identity/v1/#/) for machine-to-machine authentication. Use Kong identity to:
+                * Create authorization servers per region.
+                * Issue and validate access tokens.
+                * Integrate secure auhtentication into Kong Gateway API.   
+          - type: button
+            config:
+              text: "Learn how it works →"
+              url: "/kong-identity/reference/"
+      - blocks:
+          - type: image
+            config:
+              url: /assets/images/konnect/konnect-dashboard.png
+              alt_text: Image of the {{site.konnect_short_name}} dashboard
+  - header:
+      type: h2
+      text: "Secure your APIs"
+      description: |
+        Set up and manage API access with Kong Identity
+    columns:
+      - blocks:
+        - type: card
+          config:
+            title: "Issue access tokens"
+            description: |
+              Use Kong Identity as the auth server. Issue and verify OAuth 2.0 / OIDC tokens without standing up a separate identity provider.
+            icon: /assets/icons/security.svg
+            ctas:
+              - text: Set up an authorization server
+                url: /kong-identity/reference/#configure-kong-identity
+                align: end
+      - blocks:
+        - type: card
+          config:
+            title: ""
+            description: |
+
+            icon: /assets/icons/service-document.svg
+            ctas:
+              - text: 
+                url: 
+                align: end
+      - blocks:
+        - type: card
+          config:
+            title: ""
+            description: |
+
+            icon: /assets/icons/data-object.svg
+            ctas:
+              - text: 
+                url: 
+                align: end
+  - header:
+      type: h2
+      text: "Secure your event streams"
+      description: |
+        Authenticate Kafka clients connecting to your Event Gateway
+    columns:
+      - blocks:
+        - type: card
+          config:
+            title: ""
+            description: |
+
+            icon: /assets/icons/security.svg
+            ctas:
+              - text: 
+                url: 
+                align: end
+      - blocks:
+        - type: card
+          config:
+            title: ""
+            description: |
+
+            icon: /assets/icons/service-document.svg
+            ctas:
+              - text: 
+                url: 
+                align: end
+      - blocks:
+        - type: card
+          config:
+            title: ""
+            description: |
+
+            icon: 
+            ctas:
+              - text: 
+                url: 
+                align: end                  
+  - header:
+      type: h2
+      text: "Plugins"
+      description: |
+        Combine Kong Identity with the available plugins:
+    columns:
+      - blocks:
+        - type: card
+          config:
+            title: "OpenID Connect"
+            description: |
+              Use the OpenID Connect (OIDC) plugin to integrate Kong Gateway with Kong Identity in Konnect for machine-to-machine API access.
+            icon: /assets/icons/plugins/openid-connect.png
+            ctas:
+              - text: Learn more
+                url: /plugins/openid-connect/
+                align: end
+      - blocks:
+        - type: card
+          config:
+            title: "OAuth 2.0 Introspection plugin"
+            description: |
+              Validate access tokens using an OAuth 2.0 authorization server's introspection endpoint.
+            icon: /assets/icons/plugins/oauth2-introspection.png
+            ctas:
+              - text: Learn more
+                url: /plugins/oauth2-introspection/
+                align: end
+      - blocks:
+        - type: card
+          config:
+            title: "Upstream OAuth"
+            description: |
+              Make your API Gateway support OAuth flows between Kong Gateway and the upstream API. The plugin supports storing tokens issued by the IdP in different backend formats.
+            icon: /assets/icons/plugins/upstream-oauth.png
+            ctas:
+              - text: Learn more
+                url: /plugins/upstream-oauth/
+                align: end
+
+  - header:
+      type: h2
+      text: How-to guides
+    columns:
+      - blocks:
+          - type: how_to_list
+            config:
+              tags:
+                  - kong-identity
+              quantity: 7

app/_redirects

@@ -259,3 +259,6 @@
 /mcp/kong-mcp/tools/    /konnect-platform/konnect-mcp/tools/
 /mcp/autogenerate-mcp-tools/    /mcp/map-api-to-mcp-tools/
 /mcp/autogenerate-mcp-tools-for-weather-api/    /mcp/map-weather-api-to-mcp-tools/
+
+# Kong Identity
+/kong-identity/  /kong-identity/reference/

app/konnect-platform/kong-identity.md

@@ -6,7 +6,7 @@ layout: reference
 products:
     - konnect
 
-permalink: /kong-identity/
+permalink: /kong-identity/reference/
 works_on:
     - konnect
 search_aliases:

app/konnect-platform/teams-and-roles.md

@@ -288,7 +288,7 @@ rows:
 
 #### Auth servers
 
-The following table describes the predefined roles for [Kong Identity](/kong-identity/) authorization servers:
+The following table describes the predefined roles for [Kong Identity](/kong-identity/reference/) authorization servers:
 
 <!--vale off-->
 {% table %}