AWS Security Blog

Category: Amazon Cognito

How to configure Duo multi-factor authentication with Amazon Cognito

Adding multi-factor authentication (MFA) reduces the risk of user account take-over, phishing attacks, and password theft. Adding MFA while providing a frictionless sign-in experience requires you to offer a variety of MFA options that support a wide range of users and devices. Let’s see how you can achieve that with Amazon Cognito and Duo MFA. […]

Read More

How to add authentication to a single-page web application with Amazon Cognito OAuth2 implementation

In this post, I’ll be showing you how to configure Amazon Cognito as an OpenID provider (OP) with a single-page web application. This use case describes using Amazon Cognito to integrate with an existing authorization system following the OpenID Connect (OIDC) specification. OIDC is an identity layer on top of the OAuth 2.0 protocol to […]

Read More

Role-based access control using Amazon Cognito and an external identity provider

Amazon Cognito simplifies the development process by helping you manage identities for your customer-facing applications. As your application grows, some of your enterprise customers may ask you to integrate with their own Identity Provider (IdP) so that their users can sign-on to your app using their company’s identity, and have role-based access-control (RBAC) based on […]

Read More

Selecting and migrating a Facebook API version for Amazon Cognito

On May 1, 2020, Facebook will remove version 2.12 of the Facebook Graph API. This change impacts Amazon Cognito customers who are using version 2.12 of the Facebook Graph API in their identity federation configuration. In this post, I explain how to migrate your Amazon Cognito configuration to use the latest version of the Facebook […]

Read More

How to set case sensitivity in the Amazon Cognito console

AWS recently updated how Amazon Cognito user pools are created so that new user pools are case insensitive by default. An Amazon Cognito user pool is a user directory that helps you manage end-user identities. With this new feature, the native user name, email alias, and preferred user name alias are marked as case insensitive […]

Read More

How to set up Sign in with Apple for Amazon Cognito

January 7, 2020: Based on customer feedback, we revised the wording of a step in a procedure to improve clarity. Amazon Cognito user pools enables you to add user sign-in and sign-up to your mobile and web applications using a secure and scalable user directory. With Amazon Cognito user pools, your end users can sign […]

Read More

How to Use New Advanced Security Features for Amazon Cognito User Pools

Amazon Cognito lets you easily add user sign-up, sign-in, and access control to your mobile and web apps. You can use fully managed user directories, called Amazon Cognito user pools, to create accounts for your users, allow them to sign in, and update their profiles. Your users also can sign in by using external identity […]

Read More

Amazon Cognito User Pools Now Integrates with Amazon Pinpoint to Add Analytics for User Pools

Amazon Cognito User Pools now integrates with Amazon Pinpoint to provide analytics for user pools and to enrich the user data for Amazon Pinpoint campaigns. Amazon Cognito User Pools provides user directories that make it easy to add sign-up and sign-in to your mobile or web application. Amazon Pinpoint provides analytics and targeted campaigns to drive […]

Read More

Amazon Cognito Your User Pools is Now Generally Available

Amazon Cognito makes it easy for developers to add sign-up, sign-in, and enhanced security functionality to mobile and web apps. With Amazon Cognito Your User Pools, you get a simple, fully managed service for creating and maintaining your own user directory that can scale to hundreds of millions of users. With today’s launch, user pools adds: […]

Read More