What AWS service to use as OAUTH2 for the use with microservices

Question

I have been doing some research about using some AWS service as OAUTH2 for our application running in 3 docker containers (backend, frontend, database). Backend has an API which is not open to public obviously and accessible only within docker network. We are looking for extending our app with a chat service, which we want to implement as a service, so we build our app following microservices architecture, since we will add other services later on. So when user logs into our app, his session will be also "shared" with chat service.

Our chat service will be using sockets and since sockets require direct connection to user resources, we can not just implement an integration layer which will supply all resources required by chat service, but we have to either:

1. implement sockets within our application API (which we dont want to do, we want it as microservice),

2. open API endpoints for chat service to use, but this option requires OAUTH2 and thats what we try to deal with.

I am not sure if there is some other way to handle this and be also ready for a long run, but if this works, which AWS service would fit the best for us to use, which would play OAUTH2 role for handling security in this matter?

I also checked this post but it didn't help me much in my case. I'm open to any suggestions, I've checked AWS lambda, AWS cognito, AWS amplify, pretty confusing, many features, we don't want to overload the architecture with features we don't need.

Answer 1

What exactly is the thing you want? User accounts managed by AWS? Use cognito.

Users logging in with Apple, Facebook, Etc? Use cognito again.

Just have some backend code that once a user logs in, create a token or session so they can chat with that.

There are many youtube videos on AWS cognito but a lot of them suck. The best one is written in React but before they came out with hooks. Here is part one. https://www.youtube.com/watch?v=EaDMG4amEfk