1) You have to use AWS Cognito to develop a simple webapp for user login/signup. If the user has more than one type of role, then you should ask to disambiguate. It can use already provided social logins(like google, facebook, etc).
2) There are three roles(admin, user, client). The redirection happens based on the role of the logged in user. You can create dummy webapps for redirections. The Webapp should only be accessible if logged in.
3) The webapps are to be preferably developed in react + spring-boot package. You can see this example: [login to view URL] It should be pretty simple.