Amazon Cognito vs. Azure Multi-Factor Authentication (Discontinued)

Well Suited

1. B2C mobile and web apps with a high number of users.
2. Cheaper and cost-effective.
3. If the other pieces of the infra are already using AWS services like Lambda, S3, Pinpoint, etc.

Not Suited For:

1. Advanced use-cases (Biometrics based authentication) Email, and other MFA channels.
2. For any use-cases needing SCIM.
3. Customized flows of SSO, and MFA will need a layer on Lambda and other AWS services.

Incentivized

If your solution falls within their standard use case or you have Office 365 - then it makes total sense. If you need a lot of customization or have a really specific business process that causes you to deviate from the standard flow it usually makes more sense to create a custom solution

Incentivized

• Strong integration with React.js and client-side applications
• Easy to bridge Cognito identities with the rest of the AWS ecosystem
• Easy to store user profile data directly in Cognito rather than having to build additional services/endpoints
• Easy integration with AWS Lambda to extend and add sophistication to the service

Incentivized

• Ease of use
• Interoperability
• Industry standard

Incentivized

• Amazon Cognito has a bit of a learning curve. You need to learn its concepts and terminology. The documentation does not describe some topics comprehensively.
• Some Console screens would benefit from improved search and filtering options.
• When another AWS product (e.g., SageMaker) configures Cognito on your behalf, it is not clear what you're getting. For example, the expiration of a temporary password was configured but never communicated.

Incentivized

• It can be difficult to work with when deviating off the standard use cases

Incentivized

Amazon Cognito is easy to use and implement if you don't need to implement custom policies. But if your security team requires something outside the box, then implementation becomes complicated and you risk wasting time. There is no option for customizable regex for passwords, which is a major deficiency. The standard password policy, allow to choose the length of the password, if it should contains at least one number, one special character, one uppercase letter and one lowercase letter.

Incentivized

Community support is excellent, many times even better and quicker then the offical AWS support. I really cannot recommend community support enough! Apart from that the service is relativily easy to use and does not have a huge learning curve. Examples are easy to follow and will help you start using the service.

Incentivized

They are ideal tools to create a secure and unique login experience for our applications. Thanks to its API authorization, Amazon Cognito ensures connections to applications that are secure.It is easy to use and provides easy access to files and applications that you need to complete your goal.

Incentivized

Honestly, they are very similar as is much of their offerings. It really comes down to which ecosystem are you already invested in? It doesn't make a lot of sense to try and interop with every cloud vendor - pick one and use them. While there used to be substantial differences in the cloud platforms, they are at basic parity now

Incentivized

• ROI is great for Amazon Cognito Overall.
• It is included in the AWS Free Tier so you can use it for a good amount without paying, so the software can be tested beforehand.
• The paid pricing is also affordable, so a positive impact on ROI.

Incentivized

• Overall, it's a really good value compared to building a custom solution that you have to maintain

Incentivized