Likelihood to Recommend Well Suited B2C mobile and web apps with a high number of users. Cheaper and cost-effective. If the other pieces of the infra are already using AWS services like Lambda, S3, Pinpoint, etc. Not Suited For: Advanced use-cases (Biometrics based authentication) Email, and other MFA channels. For any use-cases needing SCIM. Customized flows of SSO, and MFA will need a layer on Lambda and other AWS services. Read full review Nervepoint Technologies Ltd
HyperSocket is very well suited if the resources and budget are made available. There is not much a learning curve for the IT Department or for those users already familiar with two-factor authentication. There will be some education and training requirements for most end-users as the notifications and general verbiage can be confusing for some. It may also show some exploits within some end-users who are unaware of a notification but will use the email to reset an expired password without thinking twice if it may have been a phishing email or the opposite where an end-user deletes or ignores the expiration email notification expecting it to be spam/phishing.
Read full review Pros Strong integration with React.js and client-side applications Easy to bridge Cognito identities with the rest of the AWS ecosystem Easy to store user profile data directly in Cognito rather than having to build additional services/endpoints Easy integration with AWS Lambda to extend and add sophistication to the service Read full review Nervepoint Technologies Ltd
Self service password resets Ability to synchronize a primary account password with secondary accounts Flexibility and intuitivness Read full review Cons Amazon Cognito has a bit of a learning curve. You need to learn its concepts and terminology. The documentation does not describe some topics comprehensively. Some Console screens would benefit from improved search and filtering options. When another AWS product (e.g., SageMaker) configures Cognito on your behalf, it is not clear what you're getting. For example, the expiration of a temporary password was configured but never communicated. Read full review Nervepoint Technologies Ltd
Help-Desk functionality similar to OneIdentity Self-Service Password Manager, as it provides additional users that do not require administrative access to assist with managing end-users who may have locked themselves out of HyperSocket Access Manager by forgetting their own security questions. Too many features which become unusable and feel like the payment plans are not flexible since it's an all-in-one product with one price. It is not necessarily a bad thing as most subscription-based pricing forces a buyer to pay more for an integral service that is only available on the highest price-plan. You really do get what you pay for, but we found many of our use-case scenarios limited the product. This isn't necessarily against the product, just a personal opinion around Multi-Factor authentication which is always primarily driven mobile devices. Not all companies or end-users have access to a multi-factor device, (or in our case, are allowed to have access to a cell phone while servicing members/clients). This creates a shortfall to allow multi-factor functionality to extend to all users unless there are hardware tokens, which can be miss placed or left out more easily as most users don't treat it the same way they would their personal smartphone. Read full review Usability All the features AWS Cognito offers gives the user the options they need without making it too complicated. Your customers will be happy. On the administration site usability is also great. After a small learning curve, you can setup Cognito for your usage
Read full review Nervepoint Technologies Ltd
Support Rating AWS Support overall is poor. Your main resources are trainings and the docs, and the docs can be very confusing. Using Cognito well involves having a developer learn it deeply and help support your team in understanding it. That said, Cognito's competitors also have dismal support and even worse documentation, so while this isn't a strength for Cognito it may still be the frontrunner here.
Read full review Nervepoint Technologies Ltd
Alternatives Considered They are ideal tools to create a secure and unique login experience for our applications. Thanks to its API authorization, Amazon Cognito ensures connections to applications that are secure.It is easy to use and provides easy access to files and applications that you need to complete your goal.
Read full review Nervepoint Technologies Ltd
Nervepoint Access Manager (NAM) has the ability to deal with multiple domains. While
ServiceNow at the time we looked at the solution did not (I do not know if it does now). NAM was a more polished, mature product.
Read full review Return on Investment ROI is great for Amazon Cognito Overall. It is included in the AWS Free Tier so you can use it for a good amount without paying, so the software can be tested beforehand. The paid pricing is also affordable, so a positive impact on ROI. Read full review Nervepoint Technologies Ltd
As with any IT Service or Solution, the investment will always be seen as a sunk cost. The only ROI would be the time and resources spent elsewhere rather than with Password Management through an IT Department or similar department. I found that the time spent on password management was about the same, as many users who are frequently forgetting a password are also forgetting their security question & answers. There are some positives, as it was able to help manage the bulk of their non-windows passwords or passwords related to another online service. The centralized password manager doesn't feel like a true single sign-on but for most users, it replaces a hand-written copy they have taped to a monitor. It can help with automating some of the active directory workflows with its own user provisioning functionality. Took more time to set up than it was to manage on its own. Read full review ScreenShots