Likelihood to Recommend Well Suited B2C mobile and web apps with a high number of users. Cheaper and cost-effective. If the other pieces of the infra are already using AWS services like Lambda, S3, Pinpoint, etc. Not Suited For: Advanced use-cases (Biometrics based authentication) Email, and other MFA channels. For any use-cases needing SCIM. Customized flows of SSO, and MFA will need a layer on Lambda and other AWS services. Read full review SAP Identity Management manages organization identities centrally with a great amount of flexibility and efficiency. Compared to the conventional SAP solution of central user administration (CUA), SAP IDM (version 7.2/8.0) delivers a great number of benefits like: 1. Availability of connectors for non-SAP application identity management,
2. Modular/granular access management in the form of context-based business role definition.
3. It can be integrated with the SAP HR system for making entire user identity management automatic.
Read full review Pros Strong integration with React.js and client-side applications Easy to bridge Cognito identities with the rest of the AWS ecosystem Easy to store user profile data directly in Cognito rather than having to build additional services/endpoints Easy integration with AWS Lambda to extend and add sophistication to the service Read full review In my previous organization, to achieve the granularity of access based on organization restrictions, we implemented enabler role-based security roles. Provisioning the enabler roles through the SAP GRC was a great challenge (realistically improbable). Here came the SAP IDM to our rescue. It has a peculiar feature of context-based business role provisioning feature. Customized context & its association with security roles & user HR attributes, give us unique ability to achieve granularity of access provisioning. SAP IDM integrates with the SAP HR system and identity management becomes automatic. Read full review Cons Amazon Cognito has a bit of a learning curve. You need to learn its concepts and terminology. The documentation does not describe some topics comprehensively. Some Console screens would benefit from improved search and filtering options. When another AWS product (e.g., SageMaker) configures Cognito on your behalf, it is not clear what you're getting. For example, the expiration of a temporary password was configured but never communicated. Read full review SAP Identity management should come up with connectors for almost all not SAP applications, which will enable the use of SAP IDM as a one-stop solution for organizations' identity management. Read full review Usability All the features AWS Cognito offers gives the user the options they need without making it too complicated. Your customers will be happy. On the administration site usability is also great. After a small learning curve, you can setup Cognito for your usage
Read full review Support Rating AWS Support overall is poor. Your main resources are trainings and the docs, and the docs can be very confusing. Using Cognito well involves having a developer learn it deeply and help support your team in understanding it. That said, Cognito's competitors also have dismal support and even worse documentation, so while this isn't a strength for Cognito it may still be the frontrunner here.
Read full review As IDM heavily relies on JAVA/SQL as a development language, finding skills resources sometimes becomes challenging. But SAP has strong support available for this product which makes it reliable for long term use within an organization.
Read full review Alternatives Considered They are ideal tools to create a secure and unique login experience for our applications. Thanks to its API authorization, Amazon Cognito ensures connections to applications that are secure.It is easy to use and provides easy access to files and applications that you need to complete your goal.
Read full review SAP IDM offers a great deal of benefits/features compared to conventional access provisioning with SAP.
1. Conventional SAP user administration solution like CUA has great limitations. e.g. only SAP systems can be managed. Low-performance issues, unreliable access provisioning, and risk analysis were missing.
2. SAP IDM integrates with SAP GRC solution to perform the reliable risk analysis before access provisioning. Its context feature allows granular access provisioning.
Read full review Return on Investment ROI is great for Amazon Cognito Overall. It is included in the AWS Free Tier so you can use it for a good amount without paying, so the software can be tested beforehand. The paid pricing is also affordable, so a positive impact on ROI. Read full review SAP IDM has the huge potential to minimize risks arising out of disorganized identity management within an organization. As all identities are managed centrally, there is very little room for manipulation of an identity. As this solution has the ability to integrate with SAP GRC, risk analysis becomes mandatory before any access provisioning takes place. As the solution is automatic, hiring to employee exits is managed with a minimal margin of error. Read full review ScreenShots