Cognito Overview
  • Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily.
  • Cognito scales to millions of users and supports sign-in with social identity providers, such as Facebook, Google, and Amazon, and enterprise identity providers via SAML 2.0.

User Pools

  • A user pool is a user directory in Cognito.
  • With a user pool, your users can sign in to your web or mobile app through Cognito, or federate through a third-party identity provider (IdP).
  • User pools provide:
    • Sign-up and sign-in services.
    • A built-in, customizable web UI to sign in users.
    • Social sign-in with Facebook, Google, Login with Amazon, and Sign in with Apple, and sign-in through SAML and OIDC identity providers from your user pool.
    • User directory management and user profiles.
    • Security features such as multi-factor authentication (MFA), checks for compromised credentials, account takeover protection, and phone and email verification.
  • After successfully authenticating a user, b.

Identity Pools

  • With an identity pool, your users can obtain temporary AWS credentials to access AWS services, such as Amazon S3 and DynamoDB.
  • Identity pools support anonymous guest users, as well as the following identity providers that you can use to authenticate users for identity pools:
    • Cognito user pools.
    • Social sign-in with Facebook, Google, Login with Amazon, and Sign in with Apple.
    • OpenID Connect (OIDC) providers.
    • SAML identity providers.
    • Developer authenticated identities.
  • To save user profile information, your identity pool needs to be integrated with a user pool.
  • Cognito identity pools (federated identities) enable you to create unique identities for your users and federate them with identity providers.
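
A defender reviewing an identity pool usually wants to know which of the provider types listed above are enabled and whether guests can obtain credentials. The following is an added example, not code from the original page or from AWS: the field names follow the Cognito Identity DescribeIdentityPool response, while the function name, finding codes and both sample pools are constructed for illustration.

```python
# Added example. Field names follow the Cognito Identity DescribeIdentityPool
# response; audit_identity_pool, the finding codes and the sample pools are
# constructed for illustration.

def audit_identity_pool(pool):
    """Return (provider kinds enabled, finding codes) for one pool description."""
    user_pools = pool.get("CognitoIdentityProviders") or []
    checks = [
        ("cognito-user-pool", user_pools),
        ("social", pool.get("SupportedLoginProviders")),
        ("oidc", pool.get("OpenIdConnectProviderARNs")),
        ("saml", pool.get("SamlProviderARNs")),
        ("developer", pool.get("DeveloperProviderName")),
    ]
    providers = [kind for kind, value in checks if value]

    findings = []
    guests = bool(pool.get("AllowUnauthenticatedIdentities"))
    if guests:
        # Guests receive temporary credentials for the unauthenticated role,
        # so that role's IAM policy is reachable without any sign-in.
        findings.append("GUEST_ACCESS_ENABLED")
    for up in user_pools:
        # Without the server-side check, the identity pool does not ask the
        # user pool whether the user was globally signed out or deleted.
        if not up.get("ServerSideTokenCheck"):
            findings.append("NO_SERVER_SIDE_TOKEN_CHECK:" + up["ClientId"])
    if not providers and not guests:
        findings.append("NO_WAY_TO_OBTAIN_IDENTITY")
    return providers, findings

# Constructed sample descriptions (not real pools).
GUEST_POOL = {
    "IdentityPoolName": "constructed_guest_pool",
    "AllowUnauthenticatedIdentities": True,
    "SupportedLoginProviders": {"accounts.google.com": "constructed-client-id"},
    "CognitoIdentityProviders": [{
        "ProviderName": "cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE",
        "ClientId": "constructed-app-client",
        "ServerSideTokenCheck": False,
    }],
}
STRICT_POOL = {
    "IdentityPoolName": "constructed_strict_pool",
    "AllowUnauthenticatedIdentities": False,
    "SamlProviderARNs": ["arn:aws:iam::111122223333:saml-provider/ExampleIdP"],
    "CognitoIdentityProviders": [{
        "ProviderName": "cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE",
        "ClientId": "constructed-app-client",
        "ServerSideTokenCheck": True,
    }],
}
```

Passing each sample to audit_identity_pool returns the enabled provider kinds and the findings for that pool; the same function accepts the dictionary returned by a real DescribeIdentityPool call.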

Cognito Sync

  • Cognito Sync is an AWS service and client library that enables cross-device syncing of application-related user data.
  • You can use it to synchronize user profile data across mobile devices and the web without requiring your own backend.
  • The client libraries cache data locally so your app can read and write data regardless of device connectivity status.
  • Cognito Sync requires federated identity pools, not user pools.