Cognito Overview

Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily.
Cognito scales to millions of users and supports sign-in with social identity providers, such as Facebook, Google, and Amazon, and enterprise identity providers via SAML 2.0.

User Pools

A user pool is a user directory in Cognito.
With a user pool, your users can sign in to your web or mobile app through Cognito, or federate through a third-party identity provider (IdP).
User pools provide:
- Sign-up and sign-in services.
- A built-in, customizable web UI to sign in users.
- Social sign-in with Facebook, Google, Login with Amazon, and Sign in with Apple, and through SAML and OIDC identity providers from your user pool.
- User directory management and user profiles.
- Security features such as multi-factor authentication (MFA), checks for compromised credentials, account takeover protection, and phone and email verification.
After successfully authenticating a user, b.

Identity Pools

With an identity pool, your users can obtain temporary AWS credentials to access AWS services, such as Amazon S3 and DynamoDB.
Identity pools support anonymous guest users, as well as the following identity providers that you can use to authenticate users for identity pools:
- Cognito user pools.
- Social sign-in with Facebook, Google, Login with Amazon, and Sign in with Apple.
- OpenID Connect (OIDC) providers.
- SAML identity providers.
- Developer authenticated identities.
To save user profile information, your identity pool needs to be integrated with a user pool.
Cognito identity pools (federated identities) enable you to create unique identities for your users and federate them with identity providers.

Cognito Sync

Cognito Sync is an AWS service and client library that enables cross-device syncing of application-related user data.
You can use it to synchronize user profile data across mobile devices and the web without requiring your own backend.
The client libraries cache data locally so your app can read and write data regardless of device connectivity status.
Requires Federated Identity Pools; not User Pools.

PreviousAPI Gateway Security NextAWS SAM (Serverless Application Model)

Last updated 3 years ago

User Pools

A user pool is a user directory in Cognito.

With a user pool, your users can sign in to your web or mobile app through Cognito, or federate through a third-party identity provider (IdP).

User pools provide:

Sign-up and sign-in services.
A built-in, customizable web UI to sign in users.
Social sign-in with Facebook, Google, Login with Amazon, and Sign in with Apple, and through SAML and OIDC identity providers from your user pool.
User directory management and user profiles.
Security features such as multi-factor authentication (MFA), checks for compromised credentials, account takeover protection, and phone and email verification.

After successfully authenticating a user, b.

Identity Pools

With an identity pool, your users can obtain temporary AWS credentials to access AWS services, such as Amazon S3 and DynamoDB.

Identity pools support anonymous guest users, as well as the following identity providers that you can use to authenticate users for identity pools:

Cognito user pools.
Social sign-in with Facebook, Google, Login with Amazon, and Sign in with Apple.
OpenID Connect (OIDC) providers.
SAML identity providers.
Developer authenticated identities.

To save user profile information, your identity pool needs to be integrated with a user pool.

Cognito identity pools (federated identities) enable you to create unique identities for your users and federate them with identity providers.

Cognito Sync

Cognito Sync is an AWS service and client library that enables cross-device syncing of application-related user data.

You can use it to synchronize user profile data across mobile devices and the web without requiring your own backend.

The client libraries cache data locally so your app can read and write data regardless of device connectivity status.

Requires Federated Identity Pools; not User Pools.