Cognito
Identity management for your apps
Last updated
Identity management for your apps
Last updated
|
Handles user authentication and authorization for your web and mobile apps.
Purpose
user directory for sign-up and sign-in
temporary credential for access AWS services
Authen
SAML, Facebook, Google...
Supports unauthenticated (guest) access and federated identities.
Use Case
Managing user profile
Authentication in apps
granting users access to AWS resources
Token
JWT token
AWS credentials
Integration
often use with Identity pool
standalone
or with User pool
Social IdPs (Google, Facebook...) is based on OpenID, so to add social identity providers to the user pool, provide the app client ID and the app client secret.
Gives developers the ability to synchronize user profile data across mobile devices and the web.
A feature of Cognito Sync, you can invoke a Lambda function in response to important activity in you identity pool.
TOTP: time-based one time password
You can enable MFA (required, optional) or no MFA option for Cognito User. After enabling, app users can receive SMS or .