Amazon Cognito

Amazon Cognito

Customer Verified
Top Rated
About TrustRadius Scoring
Score 8.3 out of 100
Top Rated
Amazon Cognito

Overview

Recent Reviews

Feature packed AWS service

7 out of 10
March 24, 2022
AWS Cognito is a life-saving service allowing role-based access control and acting as an external identity provider. AWS Cognito is also …
Continue reading

Simple and secure!

8 out of 10
July 29, 2021
This is used only by our tech department, but we are looking at doing a company-wide rollout as we are able to streamline the …
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Amazon Cognito, and make your voice heard!

Pricing

View all pricing

Starting Price

$0.01

Cloud
Per MAU

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Features Scorecard

No scorecards have been submitted for this product yet..

Product Details

What is Amazon Cognito?

Amazon Cognito is a mobile identity product that allows users to add user sign-up and sign-in to mobile and web apps, and authenticate users through social identity providers.

Amazon Cognito Video

Introduction to Amazon Cognito - User Authentication and Mobile Data Service on AWS

Amazon Cognito Technical Details

Deployment TypesSaaS
Operating SystemsUnspecified
Mobile ApplicationNo

Comparisons

View all alternatives

Frequently Asked Questions

What is Amazon Cognito?

Amazon Cognito is a mobile identity product that allows users to add user sign-up and sign-in to mobile and web apps, and authenticate users through social identity providers.

What is Amazon Cognito's best feature?

Reviewers rate Support Rating highest, with a score of 7.1.

Who uses Amazon Cognito?

The most common users of Amazon Cognito are from Enterprises (1,001+ employees) and the Computer Software industry.

Reviews and Ratings

 (41)

Ratings

Reviews

(1-16 of 16)
Companies can't remove reviews or game the system. Here's why
Piyush Goel | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User
Review Source
We use it for Authentication and Authorization of the mobile applications, and middleware that we write for our enterprise customers. We also evaluated it for the use-case of Federated Identity integration to other IDP solutions like Microsoft ActiveDirectory, etc. We also use it to enable MFA on a few web apps.
  • Easy to set-up.
  • Easy to configure the UserPools, and the Identity Pools.
  • Seamless Integration with AWS services like Lambda, IAM, etc.
  • Cheaper than other providers.
  • SCIM implementation is not present.
  • B2B SaaS use-cases are very hard to configure. More suitable or B2C use-cases.
  • Needs more recipes, plugins, SDK's.
  • 2FA with Email as an OTP channel is not supported.
  • 2 FA using biometrics is not available; can be customised using lambda.
Well Suited
  1. B2C mobile and web apps with a high number of users.
  2. Cheaper and cost-effective.
  3. If the other pieces of the infra are already using AWS services like Lambda, S3, Pinpoint, etc.
Not Suited For:
  1. Advanced use-cases (Biometrics based authentication) Email, and other MFA channels.
  2. For any use-cases needing SCIM.
  3. Customized flows of SSO, and MFA will need a layer on Lambda and other AWS services.

Randy Whitten, MBA, ITIL v.3, Doctoral Candidate (DIT) | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We have been using Amazon Cognito for about the last 3 years now and it has been a really good experience. The onboarding although needs a little bit of help as there was little documentation that would help to install and maintain the application for what we were wanting it to. But with support's help, we were able to jump in and get what we were looking for and we have been satisfied with it since the implementation was completed.
  • Installation
  • Support
  • Subject Matter Experts
  • Ability to fix the issues quickly and without transferring the calls.
  • Need better documentation.
  • It is very pricey.
  • Could maybe have video content to help with setting up the security.
With Amazon's support, we were able to complete what we were looking to accomplish. If you have an administrator that has been working in the AWS environment for a while they can assist with some of your questions. But save yourself time and open up a ticket with support and just get a tech on the line and have them walk you through the steps and you will be able to complete all the setup with minimal issues.
Score 7 out of 10
Vetted Review
Verified User
Review Source
AWS Cognito is a life-saving service allowing role-based access control and acting as an external identity provider. AWS Cognito is also meant temporary access to AWS storage or analytics services like s3 for external users. The use of lambda for any automation along with Amazon Cognito coordinating with AWS Pinpoint to supply you with analytics on client behavior is a bonus.
  • AWS SDK for Amazon Cognito.
  • Integration with other was services.
  • Scalability.
  • Cost.
  • Documentation for in house devs.
  • Features to support transitioning from different iDP.
If you are looking to deploy a web application without the need of integrating without an identity provider and still want access control, 2-factor authentication or want social identity federation. A solution that can be scalable and secure if you are unable to predict the response from the customers at the point in time. If you want to automate analytics after a user authenticates, then Amazon Cognito is suitable.
Philipp Pettit | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Amazon Cognito provides the means to easily view all web services that require authentication or user registrations to manage. We have been using it for the last two years to manage, develop and add web services, web and mobile applications as well as login modules and registrations protected thanks to its extensive database that ensures passwords are stored securely. Amazon Cognito can integrate with alternative identity providers like Facebook, works great with other AWS services, SNS for texting, SES for email, and API Gateway for authentication.
  • Provides the ability to add additional login options for your users with relative ease.
  • Setting up authentication in the app is very quick and easy.
  • It facilitates secure access to the data and applications we need to complete our tasks.
  • Amazon Cognito is secure and easy to use right out of the box.
Amazon Cognito is ideal for developers looking to create a secure login experience for their own apps, and set up authentication in their app very quickly and easily.
Score 6 out of 10
Vetted Review
Verified User
Review Source
Amazon Cognito is a verified authentication service to ensure a secure log in experience for everyone. With the authenticator, we can ensure all data accessed after being verified is safe and in good hands. This is especially valuable in a remote environment with many of our employees logging in from different places around the globe.
  • Secure login expereince
  • Easy to use platform
  • Quick process
  • Better support
  • Faster load times
Amazon Cognito is a good solution for businesses looking to secure their login process across remote / global entities. It provides an added verification step to ensure data is protected from bad actors or unauthorized users looking to steal your data. This wouldn't be a necessary product for someone who doesn't store sensitive data or information.
Iván García | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Amazon Cognito to simplify and forget to build from scratch the sign-in and log-in process in our applications. With Amazon Cognito you do not need to build the login process, sign-in mechanism, and all that stuff that is always the same one application after another, these constructs are already there to be used.
  • The sign-in process.
  • The login process.
  • Give permissions to users to use AWS services.
  • The Cognito documentation could have more easy to do examples of integrating it into the app.
  • The interface to administer users and groups could have more visual appealing.
If you have a simple app or any app that needs to manage users; you can delegate this to Amazon Cognito. You don't need to waste time thinking and building the sign-in process, where to store users, groups, credentials, etc. Cognito does all that for you, and if you want to go further you can also use Federate Services.
DR. RAKESH TRIPATHI | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Amazon Cognito is a great authentication solution for web applications and mobile applications. Amazon Cognito offers a secure login and secure user directory using this. Amazon Cognito can be useful for businesses or organizations, working on applications that need a simple yet secure authentication for the web and mobile applications.
  • With the integration of Amazon Cognito, application users can sign in through Social Media (Social Sign in like Sign with Facebook or Google).
  • Integration process is easy.
  • Customizable according to needs. UI is also great.
  • In case of any technical error, simple messages can be showed to end user which could be understood by everyone.
  • Documentation can be even better.
  • Apart from this everything is perfect for me.
Amazon Cognito is a very useful authentication solution for web applications along with mobile applications. It is easy to use and integrate.
It can be useful for scenarios like:
- Website/Application that requires for its users with email or social sign-in (Like Sign In with Facebook or Google).
- It is also has a customizable login screen, so some customization can be done to it easily.
Score 7 out of 10
Vetted Review
Verified User
Review Source
With Amazon Cognito, I built an entire user database - I also use it to develop small interactive web pages for my clients. AWS helps with the cloud requirements for our platforms and Amazon Cognito helps implement authentication/sign-ups to the platforms we use.
  • It helps login/sign-up to all social and business platforms.
  • It provides the option to control access to AWS from the application and it can be easily integrated with the applications.
  • The UI is highly customizable.
  • Amazon Cognito is a very expensive secure solution - its error resolution is still very tough - you can't identify and track them easily.
  • UI should be more interactive and user-friendly.
For startups, this solution is highly expensive but it is one of the most secure platforms out there. A technical person can easily understand the nuances and implement it to make the platforms more interactive. If the platform can be used without internet access or if offline sync is available - it'll make an even better solution.
Score 8 out of 10
Vetted Review
Verified User
Review Source
Amazon Cognito is used to authenticate web applications. It can also be used to authenticate mobile applications or to solve any authentication problems. We can quickly and easily deliver software with Amazon Cognito and integrate it with other AWS services, such as API Gateway & Application Load Balancer or OpenID Connect (OIDC) compliant services.
  • Easy to use and deploy, simplifying the development process.
  • Great integration with AWS services and OpenID Connect (OIDC) compliant.
  • User-friendly interface, which makes managing users, groups, and roles simple.
  • Passwordless authentication is complex to implement and difficult to deploy.
  • The documentation for AWS Cognito could be better and contain more complex solutions.
Amazon Cognito may be the best authentication service for those who use Amazon as a cloud provider. Also, Amazon Cognito can be configured easily and quickly if you need OpenID for your other AWS services (such as Application Load Balancer or API Gateway). When AWS is not your cloud provider and you are not using any cloud provider, then Amazon Cognito is less appropriate.
July 29, 2021

Simple and secure!

Score 8 out of 10
Vetted Review
Verified User
Review Source
This is used only by our tech department, but we are looking at doing a company-wide rollout as we are able to streamline the implementation. All staff in our company have a company-issued google account, so having a secure sign-in is a no-brainer. It also requires fewer accounts to manage on the employees' end.
  • Handles app sign on
  • Is fully secure.
  • Logon screen not fully customizable.
For the cost (it's very cheap!) this product is a no-brainer. It allows us to add Google Sign in to some of our most used company apps. It has a quick learning curve (for setup AND use). Connects to the Amazon servers quickly for authentication and the users no longer need to manage so many logins.
Miguel Angel Merino Vega | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use cognito to manage user sign in and authentication for our projects built on AWS architecture. Usually our clients need strong and reliable authentication features implying federated entities like Facebook across a software ecosystem.
  • Has good synergy with AWS ecosystem
  • Reliable sign-in features
  • Building a gateway Cognito User pool authorizer
  • Learning curve and documentation
  • Android SDK implementation
If you are working strongly with AWS technologies, Cognito is the way to go. On the other hand, if you work strongly with mobile technologies and federated identities, you could prefer firebase.
Score 10 out of 10
Vetted Review
Verified User
Review Source
We wanted to add user profiles to an existing SaaS app. We wanted all of the things that folks dream of, of course: It should be quick to implement, it should be stable and secure, and it should integrate well with our other services, and it should be extensible. Cognito turned out to be a dream. We used it to build the initial login page (supporting password auth and well as OAuth), and it handled all of that complexity for us very easily. We wanted users to be able to fill out "profile pages," and Cognito came built-in with extensible profile fields that we could populate without needing to add additional services, and we wanted to grant users access to some of our AWS microservices, and this was a very easy configuration in AWS, again without the need for any additional components. Amazon Cognito provided a complete Login and User Profile solution for our SaaS app.
  • Strong integration with React.js and client-side applications
  • Easy to bridge Cognito identities with the rest of the AWS ecosystem
  • Easy to store user profile data directly in Cognito rather than having to build additional services/endpoints
  • Easy integration with AWS Lambda to extend and add sophistication to the service
  • Cognito, as with all AWS tools, feels like strange alien technology and it takes some time to understand why it exists and what needs it serves. If they called it the "Amazon User Profile and Sign-In Service" they might have greater adoption.
  • More examples are always good, especially around using Lambdas to query or extend the Cognito data store.
If you're already using AWS, there's no reason why you should implement your own password authentication or OAuth flows when you can use Cognito instead. It solves that work for you astoundingly well. You might be tempted by a tool like Okta for OAuth flows, but unless you already have a hard dependency on it then you should go with Cognito instead. It's much lighter weight, and it's much more pleasant to extend it with lambdas.

If you don't have any AWS in your stack, or it's very very important to you to stay platform-independent for your login flows, then those are reasons to avoid Cognito.
AWS Support overall is poor. Your main resources are trainings and the docs, and the docs can be very confusing. Using Cognito well involves having a developer learn it deeply and help support your team in understanding it. That said, Cognito's competitors also have dismal support and even worse documentation, so while this isn't a strength for Cognito it may still be the frontrunner here.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We are moving to Cognito for our public websites. We used to have our own solution but moving to AWS put Cognito into the picture. Tests have been very good so we are now implementing it. As we potentially have millions of logins, AWS allows us to scale easily without any issues.
  • Easy to use and administer User Manager
  • Even easier to use for our clients
  • Setting it up is relatively easy
  • There is a learning curve for using it
Being in the AWS ecosystem makes Cognito a strong contender. We needed a kind of user manager for our public websites after moving to AWS. Cognito is the service suitable for this and it does fulfill our requirements. Though we are still in the process of moving, the tests are going great.
Community support is excellent, many times even better and quicker then the offical AWS support. I really cannot recommend community support enough! Apart from that the service is relativily easy to use and does not have a huge learning curve. Examples are easy to follow and will help you start using the service.
Apurv Doshi | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use Amazon Cognito for authentication purposes for mobile and web applications. It is used locally within our department. Being a service company, when our customers ask for other mechanisms, we adapt to them as well. We solve the sign-up and sign-in of the mobile and web application via Amazon Cognito.
  • It is really easy to set up signup and sign-in for mobile and web applications which makes overall development faster, helps focus more on business.
  • It supports multi factor authentication and standard encryption algorithm. This helps tighten the security without investing a lot of time.
  • It supports access management via Oauth 2.0 which makes authorization job easy.
  • User can use Google, Facebook and Microsoft AD services for sign-in purpose helps reducing user efforts to register or signup within the application.
  • As such I do not find any major things as cons. However they can improve the documentation.
  • Sometimes additional customisation increases complexity. Most of those advanced features are not used frequently.
This is a plug and play kind of service for sign-in, signup and access control. As this is a managed service, one need not take care of scale and other infrastructure issues. When the user scale is to a large extent or special compliance like HIPAA required, this one is worth trying. For a smaller user base, I prefer to go with the traditional approach.
It is easy to configure, scale and integrate. However, the documentation is a bit confusing. Summing them up, I will go for 8 out of 10.
Score 7 out of 10
Vetted Review
Verified User
Review Source
The engineering and data science teams at my organization use Amazon Cognito to provide user sign-up and sign-in for some internal tools that need to be accessible to digital freelancers. Amazon Cognito saves us time that we would have spent building user sign-in and is much more fully-featured than what we would have been able to justify building.
  • Amazon Cognito allows you to build multi-factor authentication with a few clicks.
  • Cognito supports sign-in with social identity providers like Facebook and Google.
  • It is easy to manage Cognito users through the Console.
  • It is easy to customize sign-up and sign-in workflows by integrating with AWS Lambda.
  • Amazon Cognito has a bit of a learning curve. You need to learn its concepts and terminology. The documentation does not describe some topics comprehensively.
  • Some Console screens would benefit from improved search and filtering options.
  • When another AWS product (e.g., SageMaker) configures Cognito on your behalf, it is not clear what you're getting. For example, the expiration of a temporary password was configured but never communicated.
Amazon Cognito is great for small, internal tools and for integrating with Amazon's serverless products. I would review its features very carefully if I were considering it for a larger, public-facing application because I believe that migrating off of Cognito would be problematic. Cognito is great for internal tools; for example, it has allowed our data scientists to build annotation tools with managed user pools without requiring engineering support.
Score 8 out of 10
Vetted Review
Verified User
Review Source
In our organization, we help customers who are currently using AWS Cognito. There are many Enterprise clients of ours who use Amazon Cognito. It's an amazing product I would say. The main business problem for us is while integrating the client applications, we need to decide how to integrate our application with other services like Gmail, Linkedin,...etc. For this purpose, Amazon Cognito does a great job with their SDK.
  • Can easily manage the users.
  • Very good UI design helps manage the users list efficiently.
  • Security groups and roles provides very efficient security.
  • Maybe they can improve more on the grouping part.
  • All the users come under the same Cognito User Pool. If the IAM can be restricted to per group level of User Pools, then that would be really helpful.
It's well suited for quick start of application, which needs to be integrated with multiple other applications. It may be not suited for applications which are already using high security in place, meaning if customers are already using OAuth, then I don't think this would be an effective solution.