I’m still not sure about your big picture here, but I think we move into the same goal but from different directions.
One of the reasons we removed “our” KVM management UI was, that there was close to no benefit in the market in the integration between IAM and Hypervisor management on the same Linux Distribution. Our customers implemented several UCS Domains: one for operating the Hypervisor (and other base level operation), one for user services (for members of the organization), and sometimes a third for services related to external users. AFAIR that is also required by PCI-DSS. Pushing a Hypervisor as combination with our product in each of these domains would be a mess. Furthermore we can’t “dictate” which Hypervisor to use – currently UCS still runs more often on VMware then on Proxmox.
So what we aim for is to make the “plug” as you describe it easier: provide the needed APIs and simplify the configuration. We have that in place already for Services like Active Directory, MS365, Google G-Suite or Open Xchange as “Connector” Apps in the App Center. We are working on a Nextcloud Integration App, and have a list of more. If it really brings benefit we might have one for Proxmox, but as all the APIs are already there the steps to configure are not that complex (someone write a Howto here OPENID Keycloak Anbindung Proxmox). I think these are the “Lego” connectors you mentioned - I called it “Packaged Integrations” in my Talk on the Univention Summit.
We need to work on the “big picture” in smaller chunks, otherwise we will be overwhelmed by the whole package. We want to help others to build the solutions their end users need, like for example openDesk does for the public sector.
PS: Please be assured that we have customers following security policies like PCI-DSS, that’s one of the reasons why we offer longer maintenance than Debian Upstream.
PPS: Talking about “Egal, wo Sie sind oder welches Gerät Sie nutzen” on the website tries to address end users: end users can authenticate and access services from any device.
PPPS: my direct contact address is no secret, it’s steuwer@univention.de