AWS Cognito is a best-in-class Authentication and User Profile provider
September 18, 2020
AWS Cognito is a best-in-class Authentication and User Profile provider
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Amazon Cognito
We wanted to add user profiles to an existing SaaS app. We wanted all of the things that folks dream of, of course: It should be quick to implement, it should be stable and secure, and it should integrate well with our other services, and it should be extensible. Cognito turned out to be a dream. We used it to build the initial login page (supporting password auth and well as OAuth), and it handled all of that complexity for us very easily. We wanted users to be able to fill out "profile pages," and Cognito came built-in with extensible profile fields that we could populate without needing to add additional services, and we wanted to grant users access to some of our AWS microservices, and this was a very easy configuration in AWS, again without the need for any additional components. Amazon Cognito provided a complete Login and User Profile solution for our SaaS app.
- Strong integration with React.js and client-side applications
- Easy to bridge Cognito identities with the rest of the AWS ecosystem
- Easy to store user profile data directly in Cognito rather than having to build additional services/endpoints
- Easy integration with AWS Lambda to extend and add sophistication to the service
- Cognito, as with all AWS tools, feels like strange alien technology and it takes some time to understand why it exists and what needs it serves. If they called it the "Amazon User Profile and Sign-In Service" they might have greater adoption.
- More examples are always good, especially around using Lambdas to query or extend the Cognito data store.
- ROI from Cognito comes in terms of developer velocity--you'll get logins and user identities up and running faster and more stably if you use Cognito. Once they're working, they'll keep working.
I've used bespoke solutions for password, email, and OAuth flows, I've used AuthZero, and I've used Okta. In all cases, Cognito wins:
1) It's more featureful, faster, prettier out-of-the-box, more extensible, AND cheaper than Auth Zero.
2) It's again all of those things compared to Okta, however, Okta has a stronger existing Enterprise following and that may encourage you to stick with it for uniformity purposes.
3) It's way better than making your own bespoke auth/profile services; don't even consider that anymore, the problem has been solved well.
Do you think Amazon Cognito delivers good value for the price?
Yes
Are you happy with Amazon Cognito's feature set?
Yes
Did Amazon Cognito live up to sales and marketing promises?
Yes
Did implementation of Amazon Cognito go as expected?
Yes
Would you buy Amazon Cognito again?
Yes