Cognito User Pools provides built-in sign in screens and federation with Facebook, Google, Login with Amazon, and SAML. Learn More.
Amazon Cognito lets you easily add user sign-up and sign-in to your mobile and web apps. With Amazon Cognito, you also have the options to authenticate users through social identity providers such as Facebook, Twitter, or Amazon, with SAML identity solutions, or by using your own identity system. In addition, Amazon Cognito enables you to save data locally on users devices, allowing your applications to work even when the devices are offline. You can then synchronize data across users devices so that their app experience remains consistent regardless of the device they use.
With Amazon Cognito, you can focus on creating great app experiences instead of worrying about building, securing, and scaling a solution to handle user management, authentication, and sync across devices.
With Cognito Identity, you can easily and securely add sign-up and sign-in functionality to your mobile and web apps. Cognito Identity is fully managed and can scale to support hundreds of millions of users. You can also implement enhanced security features, such as email and phone number verification, and multi-factor authentication. In addition, Cognito Identity lets you customize workflows through AWS Lambda such as adding app-specific logic to user registration for fraud detection and user validation. To learn more, visit our docs.
.png "Federated Identities")
Cognito Identity allows you to easily federate identities so that your users can sign-in through social identity providers such as Facebook, Twitter, Google, and Amazon or using your own identity solution. You can also let your users sign-in through identity providers that support Security Assertion Markup Language (SAML) such as Microsoft ADFS. When you use Amazon Cognito, your app is provided with temporary, limited-privilege credentials that it can use to access AWS resources. You can set granular access permissions on your AWS resources, for example, you can limit access to a folder within an S3 bucket to a particular app user, or enable unauthenticated users to access a restricted set of resources. This means your app can access the resources it needs and that you can follow security best practices by not hardcoding credentials in your app. To learn more, visit our docs.
.png "Store and Sync")
When you use Cognito Sync, your app can read and write to a local data store. This means that your app can work in the same way regardless of whether the device is online or offline. You can also save user data, such as user preferences, sign-in, and game state, and then sync this data across a user’s devices to make their experience consistent across their devices. Cognito Sync resolves conflicts and intermittent network connectivity, enabling you to focus on delivering great app experiences instead of creating and managing a user data sync solution. To learn more, visit our docs.
For customers interested in migrating existing user directories to Amazon Cognito, please contact us to discuss your migration options including available incentive and assistance programs and support.
Many organizations may have existing infrastructure for managing user identities, authentication and authorization, but maintaining and supporting these systems and keeping them up to date with evolving best security practices can be costly and time consuming.
Consequently, many organizations are looking to take advantage of cloud-based services to replace these existing systems and are looking for guidance and help to migrate them to the AWS cloud, which manages the heavy lifting for you so you can focus on running your business.
