API

Where to store users?

Suppose I have some kind of API in which there is some kind of logic and it all works fine, but I understand that I need users and roles, of course, I can go and create a plate with both of them and implement it, but I have a question, do I really have to do this? Implement registration, password change, make sure that it is safe, convenient, and productive? Why, when I need to store conditional JAR packages, I am able to install a store for myself and just configure it, and with users, all the guides that I see come down to describing the OpenID / Oauth2 protocols. It’s not very clear to me, is there really no good open source implementation of all actions related to users?
Googling, I came across the concept of identity & access management (IAM) and as I understand it, such systems just allow you to implement something similar. The most adequate are Gluu, CAS, Keycloak. But looking at them, you understand that this is also a kind of harvester of everyone. There you have Web admin, and immediately screwed OpenId for your clients, and integration with AD. But it’s not clear to me whether I really need such a large tool, and I still don’t understand where it will eventually store users, and whether I need to implement registration and password change methods.
Are there any ready-made solutions in this regard, or will only a sign with users in my apishka save me?