With Cognito Identity, you can easily and securely add sign-up and sign-in functionality to your mobile and web apps. Cognito Identity is fully managed and can scale to support hundreds of millions of users. You can also implement enhanced security features, such as email and phone number verification, and multi-factor authentication. In addition, Cognito Identity lets you customize workflows through AWS Lambda such as adding app-specific logic to user registration for fraud detection and user validation. To learn more, visit docs.

Cognito Identity allows you to easily federate identities so that your users can sign-in through social identity providers such as Facebook, Twitter, Google, and Amazon or using your own identity solution. You can also let your users sign-in through identity providers that support Security Assertion Markup Language (SAML) such as Microsoft ADFS. When you use Amazon Cognito, your app is provided with temporary, limited-privilege credentials that it can use to access AWS resources. You can set granular access permissions on your AWS resources, for example, you can limit access to a folder within an S3 bucket to a particular app user, or enable unauthenticated users to access a restricted set of resources. This means your app can access the resources it needs and that you can follow security best practices by not hardcoding credentials in your app. To learn more, visit our docs.

When you use Cognito Sync, your app can read and write to a local data store. This means that your app can work in the same way regardless of whether the device is online or offline. You can also save user data, such as user preferences, sign-in, and game state, and then sync this data across a user’s devices to make their experience consistent across their devices. Cognito Sync resolves conflicts and intermittent network connectivity, enabling you to focus on delivering great app experiences instead of creating and managing a user data sync solution. To learn more, visit our docs.