Amazon Cognito
Customer identity and access management for your web and mobile apps.
Free Tier MAUs
50,000
Compliance Standards
HIPAA, PCI DSS, SOC, ISO/IEC 27001
Identity Standards
OAuth 2.0, SAML 2.0, OpenID Connect
About Amazon Cognito
Amazon Cognito is a robust identity platform that handles user authentication, authorization, and user management for applications, scaling to millions of users. It consists of two main components: User Pools, which are secure user directories for managing sign-up and sign-in, and Identity Pools, which grant users temporary access to other AWS services. Cognito supports federation with popular social identity providers like Apple, Google, and Facebook, as well as enterprise identity providers via SAML 2.0 and OpenID Connect. It also includes advanced security features such as multi-factor authentication (MFA) and compromised credential detection, and it is compliant with standards such as HIPAA, PCI DSS, and SOC.
Core Components
User Pools
A fully managed user directory for handling user registration, authentication, and account recovery.
Identity Pools
Provide temporary AWS credentials to grant your users access to other AWS services.
Identity Federation
Social Providers
Supports sign-in with Apple, Google, Facebook, and Amazon.
Enterprise Providers
Supports corporate identities through SAML 2.0 and OpenID Connect (OIDC) identity providers.
Security & Compliance
Multi-Factor Authentication
Built-in support for SMS-based and Time-based One-Time Password (TOTP) MFA.
Advanced Security
Includes features for compromised credential detection, risk-based adaptive authentication, and suspicious IP blocking.
Compliance
Eligible for programs like HIPAA, PCI DSS, SOC, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, and ISO 9001.