Amazon Cognito is a mobile identity product that allows users to add user sign-up and sign-in to mobile and web apps, and authenticate users through social identity providers.
$0.01
Per MAU
Microsoft Entra ID
Score 8.9 out of 10
N/A
Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.
Microsoft Entra ID is a must in any office 365 environment, but it is also useful to integrate into other applications so you can offer a single SSO service to your users without any additional products.
It scales well so it can easily be implemented in a business with 5 users or 1000.
The features that are included are great even without paying an additional subscription, but there are a few features from a P1 subscription that add a lot of important features that will help keep users safer from attacks.
The use has given us the reason that until now, with Entra ID, we have had a superior user experience than what we have had with other programs according to the fact that logging is super easy and very fast and the multicloud environment allows access from anywhere easily.
Identity management is easy; I place a strong point on the visibility and control given to the applications. I believe that in this sense, they have made an effort to create a safe, intuitive and easy-to-learn environment for the average user.
Authentication and access to data are strong; they have an encryption mode that protects each kb, this makes us feel safe.
The integration of apps from Workforce is very convenient, you can integrate from any device even when you are traveling and this does not generate any inconvenience, blocking, etc.
Amazon Cognito has a bit of a learning curve. You need to learn its concepts and terminology. The documentation does not describe some topics comprehensively.
Some Console screens would benefit from improved search and filtering options.
When another AWS product (e.g., SageMaker) configures Cognito on your behalf, it is not clear what you're getting. For example, the expiration of a temporary password was configured but never communicated.
It has been an essential tool and we have had very few problems using it. Nothing comes close that I have seen, though given how well it has worked out for us I really don't look very hard. The value is extremely high when you consider you get Microsoft Entra ID and the rest of the Microsoft 365 platform for one price.
All the features AWS Cognito offers gives the user the options they need without making it too complicated. Your customers will be happy. On the administration site usability is also great. After a small learning curve, you can setup Cognito for your usage
Easy rollout across organizations, accessible from any device securely, and easy integration with Microsoft products and its services. Microsoft technical consulting services and team helps an organization to connect all dots which make Organization IT professionals' life easier. Easy to use hence adaption is faster and no major training needs to conduct for users.
AWS Support overall is poor. Your main resources are trainings and the docs, and the docs can be very confusing. Using Cognito well involves having a developer learn it deeply and help support your team in understanding it. That said, Cognito's competitors also have dismal support and even worse documentation, so while this isn't a strength for Cognito it may still be the frontrunner here.
Microsoft has offered Azure Active Directory as a solution for a couple of decades now, so they have seen and anticipated almost any issue that an organization may face and can therefore help. The cloud offering of Azure Active Directory offers some additional "self healing" or monitoring services that can minimize the need for a service call. However, as with most large companies supporting a fast growing market, there may be some gaps in service knowledge (and particularly processing) from the front line / tier one staff as they follow a corporate script at first contact.
Make sure you use a good partner. Our implementation was a bit longer and more problematic than we expected. Our partner got it done, but, in my opinion, some of their inexperience and staffing issues were evident.
They are ideal tools to create a secure and unique login experience for our applications. Thanks to its API authorization, Amazon Cognito ensures connections to applications that are secure.It is easy to use and provides easy access to files and applications that you need to complete your goal.
We had implemented Okta previously and had a great experience with it. I was not involved in the setup or admin but did deal with end user support during that time. We made the move to azure AD since it made the most sense for our environment, and to have fewer spices in the pot so to speak.
Microsoft Professional Services' technical knowledge is appreciable as consultants design the solution as per customer requirements. Mapping of features per user specifications and assisting Customer IT engineers to implement so they can manage and administer the services.
While not specifically a monetary ROI, we've seen a great return on our time spent managing user accounts and SSO implementations. As almost everyone is compatible with Entra, it has been relatively easy to set up SSO for various services, and we spend less time managing user accounts(password resets, diagnosing login issues, etc.).
The reporting tools are also great for showing our administrative users (who are less tech-savvy) the added security benefits that Entra provides. It's easy to show them a report with the number of blocked sign-ins due to location restrictions, missing MFA requirements, or the number of "risky users" (potentially compromised accounts).
Being able to clearly demonstrate that all accounts are protected by a second factor has also lowered our insurance premiums, thus saving money for the entire organization.
