Cognito
Identity management for your apps
Docs |
Overview
Handles user authentication and authorization for your web and mobile apps.
Features
User pool vs Identity pool
Purpose
user directory for sign-up and sign-in
temporary credential for access AWS services
Authen
SAML, Facebook, Google...
Supports unauthenticated (guest) access and federated identities.
Use Case
Managing user profile
Authentication in apps
granting users access to AWS resources
Token
JWT token
AWS credentials
Integration
often use with Identity pool
standalone
or with User pool
User pool
Social IdPs (Google, Facebook...) is based on OpenID, so to add social identity providers to the user pool, provide the app client ID and the app client secret.
Cognito Sync
Gives developers the ability to synchronize user profile data across mobile devices and the web.
Cognito Events
A feature of Cognito Sync, you can invoke a Lambda function in response to important activity in you identity pool.
Enable MFA
You can enable MFA (required, optional) or no MFA option for Cognito User. After enabling, app users can receive SMS or TOTP.
Concepts
TOTP: time-based one time password
Last updated