Amazon Cognito allows developers to set up customer identity and access management (CIAM) capabilities, allowing users to sign-up, sign-in, and access customer-facing applications, web portals, or digital services for your organization.
Here you will find technical materials that describe how to accomplish a specific tasks with code samples you can re-use in your app. The first set of guides below teach you the essentials for Amazon Cognito user pools, Amazon Cognito identity pools, and AWS AppSync development.
Getting started
Amazon Cognito user pools
Amazon Cognito user pools makes it easy to create and maintain a user directory and add sign-up (user on-boarding) and sign-in to your mobile or web application for authentication, authorization, and resource access and control.
- Getting Started with Amazon Cognito User Pools
- Set up the sample app: iOS | Android | JavaScript (Angular 2)
Amazon Cognito identity pools
With Amazon Cognito identity pools, you can create unique identities and assign permissions for users. You can also sign in users through social identity providers, such as Facebook, Google, or Apple, or through corporate identity providers with SAML or OIDC and control access to your backend resources.
AWS AppSync
If you're new to Amazon Cognito Sync, use AWS AppSync. Like Amazon Cognito Sync, AWS AppSync is a service for synchronizing application data across devices.
It enables user data like app preferences or game state to be synchronized. It also extends these capabilities by allowing multiple users to synchronize and collaborate in real time on shared data.
AWS AppSync simplifies application development by letting you create a flexible API to securely access, manipulate, and combine data from one or more data sources. AppSync is a managed service that uses GraphQL to make it easy for applications to get exactly the data they need.
- AWS AppSync - Get started by platform
- For existing customers of Cognito Sync, here is a reference to get started with Amazon Cognito Sync
Workshop
Amazon Cognito Workshop
In this workshop, we will deep dive into Cognito and build out an authentication solution for a sample retail store. We will be working with Amazon Cognito user pools for API Authentication for a Hosted UI, Amazon Cognito user pools SDK with AWS Amplify, and the Amazon Cognito identity pools SDK.
Sample Applications
Sample pet store application
This sample web application demonstrates authentication and policy-based authorization of different user types to an imaginary pet store web application. This application uses Amazon Cognito for authentication and uses Amazon Verified Permissions for policy-based authorization, the application uses AWS Amplify platform to accelerate deployment and provisioning of backend resources.
Implement password-less authentication with Amazon Cognito
Password-less authentication improves security, reduces friction and provides better user experience for end-users of customer facing applications. Amazon Cognito provides features to implement custom authentication flows, which can be used to expand authentication factors for your application.
This solution demonstrates several patterns to support password-less authentication and provides reference implementations for these methods:
- FIDO2: AKA WebAuthn; sign in with Face, Touch, YubiKey, etc.
- Magic link sign-in: sign in with a one-time-use secret link that's emailed to you (and works across browsers).
- SMS-based step-up authentication: let an already signed-in user verify their identity again with a SMS One-Time-Password (OTP) without requiring them to type in their password.
The reference implementation of each of these authentication methods uses several AWS resources. This solution contains both CDK code (TypeScript) for the back end, as well as front-end code (TypeScript) to use in Web, React and React Native to help developers understand the building blocks needed and expand and adjust the solution as necessary.
Overview videos
Documentation
Amazon Cognito user pools (Developer Guide)
Follow these steps to set up and configure a user pool for the first time with the Amazon Cognito console
Set up the sample app: iOS | Android | JavaScript (Angular 2)
Amazon Cognito identity pools (Developer Guide)
Provides an overview and steps of Amazon Cognito identity pools for creating identities or setup user authentication with federated social or SAML-based identity providers.
Set up a sample app: iOS | Android
Integrate identity pools with user pools (Developer Guide)
Connect your users and apps to other AWS services.
Synchronize application data across devices
If you're new to Amazon Cognito Sync, use AWS AppSync. AWS AppSync is a service for synchronizing application data across devices. It enables user data like app preferences or game state to be synchronized. It also extends these capabilities by allowing multiple users to synchronize and collaborate in real time on shared data. For existing customers of Cognito Sync, here is a reference to get started with Amazon Cognito Sync.
AWS support knowledge center questions for Amazon Cognito
Get answers to commonly asked questions and use helpful articles to troubleshoot Amazon Cognito capabilities, such as account recovery, OIDC tokens, security settings, and more.
What's new
Developer tools and SDKs
Amazon Cognito user pools:
- API Reference
- JavaScript: SDK | Sample App (Angular 2) | Tutorial
- iOS: SDK | Sample App (Objective C) | Tutorial
- Android: SDK | Sample App | Tutorial
- Java: Sample App
- NET: Sample App
- AWS Amplify: Sample App
Amazon Cognito identity pools
- Android: SDK | Sample App
Amazon Cognito Sync
- API Reference
- iOS: SDK
- Android: SDK
In addition to using the higher-level mobile and JavaScript SDKs, you can also use the lower-level APIs available via the following AWS SDKs to integrate all Amazon Cognito functionality in your applications.
- Java: Install | Documentation | Learn more
- .NET: Install | Documentation | Learn more
- Node.js: Install | Documentation | Learn more
- Python: Install | Documentation | Learn more
- PHP: Install | Documentation | Learn more
- Ruby: Install | Documentation | Learn more
Blog posts and articles

Get started building with Amazon Cognito in the AWS Management Console.