Cognito

Solution Architect Associate

Developer Associate

Security Specialty

  • Provides web identity federation
  • Provides:
    • Sign-up/sign-in
    • Access for guest users
    • Acts as an Identity Broker between your application and web identity providers
    • Synchronizes user data for multiple devices
    • Recommended for all mobile apps which run on AWS

Cognito User Pools

  • User Pools are directories used to manage sign-up and sign-in functionality
  • Users can sign in directly to the user pool, or indirectly through a web identity provider (IdP)
  • Cognito is an identity broker between the identity pool and AWS
  • Successful authentication generates a number of JSON Web Tokens (JWTs)
  • Identity pools enable you to create unique identities for your users and authenticate them
  • Cognito also tracks the association between user identity and the devices they sign in from
  • In order to provide a seamless user experience, Cognito uses Push Synchronization to push updates and synchronize user data when it changes
    • Push notifications are sent via SNS