Likelihood to Recommend Well Suited B2C mobile and web apps with a high number of users. Cheaper and cost-effective. If the other pieces of the infra are already using AWS services like Lambda, S3, Pinpoint, etc. Not Suited For: Advanced use-cases (Biometrics based authentication) Email, and other MFA channels. For any use-cases needing SCIM. Customized flows of SSO, and MFA will need a layer on Lambda and other AWS services. Read full review The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks. It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.
Read full review Pros Strong integration with React.js and client-side applications Easy to bridge Cognito identities with the rest of the AWS ecosystem Easy to store user profile data directly in Cognito rather than having to build additional services/endpoints Easy integration with AWS Lambda to extend and add sophistication to the service Read full review Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server. Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc. Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage. Read full review Cons Amazon Cognito has a bit of a learning curve. You need to learn its concepts and terminology. The documentation does not describe some topics comprehensively. Some Console screens would benefit from improved search and filtering options. When another AWS product (e.g., SageMaker) configures Cognito on your behalf, it is not clear what you're getting. For example, the expiration of a temporary password was configured but never communicated. Read full review GUI - right now everything is on one page/dashboard. Some level of folder/Safe type view would be great More options when storing passwords - especially for network based passwords Better integrations with vendors like Cisco so that admins dont need to really get the password from the vault (think Last Pass type add on) Read full review Usability All the features AWS Cognito offers gives the user the options they need without making it too complicated. Your customers will be happy. On the administration site usability is also great. After a small learning curve, you can setup Cognito for your usage
Read full review Support Rating AWS Support overall is poor. Your main resources are trainings and the docs, and the docs can be very confusing. Using Cognito well involves having a developer learn it deeply and help support your team in understanding it. That said, Cognito's competitors also have dismal support and even worse documentation, so while this isn't a strength for Cognito it may still be the frontrunner here.
Read full review Customer support and technical support have always been great when we require assistance. Especially when we come across issues that we're not familiar with.
Read full review Alternatives Considered They are ideal tools to create a secure and unique login experience for our applications. Thanks to its API authorization, Amazon Cognito ensures connections to applications that are secure.It is easy to use and provides easy access to files and applications that you need to complete your goal.
Read full review It is known as one of the safest products in the market. It has good support and is also available as on-premise. You can run it virtually on VMWare (and probably on other hypervisors as well). You can have a second instance on bare metal and that makes it a very safe system.
Read full review Return on Investment ROI is great for Amazon Cognito Overall. It is included in the AWS Free Tier so you can use it for a good amount without paying, so the software can be tested beforehand. The paid pricing is also affordable, so a positive impact on ROI. Read full review Decreased the probability of an external cyber attack to privileged accounts.. Management can control privileged account life cycle management more effectively Recording privileged sessions allows our organization to play back exactly the point of a breach or malicious behavior Automated system to manage and verify passwords, as privileged accounts are constantly created and deleted Automatic PWD change functionality will substantially decrease probability of PWD theft or misuse. Read full review ScreenShots CyberArk Privileged Access Management Screenshots