TrustRadius
A Learning Curve, but Great for Serverless
https://www.trustradius.com/mobile-identityAmazon CognitoUnspecified8.410101
No photo available
January 17, 2019

A Learning Curve, but Great for Serverless

Score 7 out of 101
Vetted Review
Verified User
Review Source

Overall Satisfaction with Amazon Cognito

The engineering and data science teams at my organization use Amazon Cognito to provide user sign-up and sign-in for some internal tools that need to be accessible to digital freelancers. Amazon Cognito saves us time that we would have spent building user sign-in and is much more fully-featured than what we would have been able to justify building.
  • Amazon Cognito allows you to build multi-factor authentication with a few clicks.
  • Cognito supports sign-in with social identity providers like Facebook and Google.
  • It is easy to manage Cognito users through the Console.
  • It is easy to customize sign-up and sign-in workflows by integrating with AWS Lambda.
  • Amazon Cognito has a bit of a learning curve. You need to learn its concepts and terminology. The documentation does not describe some topics comprehensively.
  • Some Console screens would benefit from improved search and filtering options.
  • When another AWS product (e.g., SageMaker) configures Cognito on your behalf, it is not clear what you're getting. For example, the expiration of a temporary password was configured but never communicated.
  • Amazon Cognito has had a positive impact on our business by allowing us to develop services that require user sign-up and sign-in more rapidly. Not only do we not need to build or maintain these features, but Cognito's implementation is also better than what we would be justified in building ourselves.
  • Amazon Cognito makes user management easy. This reduces the time we have to spend supporting users. Non-technical product managers can even use the AWS Console to manage users without requiring support from developers.
  • Amazon Cognito is likely more secure than what would be built in-house; a portion of our attack surface is now managed by Amazon.
It is easier to build multi-factor single sign-on with Okta. Okta has better documentation and provides a better developer experience. It lacks Cognito's seamless integration with other AWS products, however, integration with other Amazon products (like Lambda for customizing sign-in workflows, or SageMaker for Ground Truth labeling tools) is very powerful.
Amazon Cognito is great for small, internal tools and for integrating with Amazon's serverless products. I would review its features very carefully if I were considering it for a larger, public-facing application because I believe that migrating off of Cognito would be problematic. Cognito is great for internal tools; for example, it has allowed our data scientists to build annotation tools with managed user pools without requiring engineering support.