DEV Community

Adeline Makokha for AWS Community Builders


AMAZON COGNITO

Amazon Cognito provides authentication, authorization, and user management for your web and mobile applications.
Users can sign in directly with a username and password, or through a third party such as Facebook, Amazon, Google or Apple.
Two ways to federate with Amazon Cognito are discussed below:

  1. Cognito User Pools
    A user pool is a user directory in Amazon Cognito. With a user pool, your users can sign in to your web or mobile app through Amazon Cognito.
    Users can also sign in through social identity providers like Google, Facebook, Amazon, or Apple, and through SAML (Security Assertion Markup Language) identity providers.
    It uses Lambda triggers to customize workflows, with access through the SDK (Software Development Kit).

  2. Cognito Identity Pools
    Amazon Cognito identity pools provide temporary AWS credentials for users who are guests (unauthenticated) and for users who have been authenticated and received a token.
    Identities can come from a Cognito user pool and social identity providers.
    Identity pools use AWS STS (Security Token Service) to obtain the credentials.
    An IAM role is assumed, providing access to AWS services.
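
Because the identity pool hands out credentials by assuming an IAM role, that role's trust policy decides who can get them. The following check is an added example, not code from the original post: it audits a trust policy for the `aud` (pool ID) and `amr` (authenticated or unauthenticated) conditions. The pool ID, the sample policies and the function names are constructed for illustration.

```python
COGNITO = "cognito-identity.amazonaws.com"
POOL_ID = "us-east-1:00000000-0000-0000-0000-000000000000"  # constructed placeholder

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, pool_id, expected_amr):
    """Return findings for the trust policy of a role an identity pool hands out.

    expected_amr is "authenticated" or "unauthenticated" (the guest role).
    """
    findings, seen = [], False
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        principal = stmt.get("Principal", {})
        federated = _as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        actions = _as_list(stmt.get("Action", []))
        if (stmt.get("Effect") != "Allow" or COGNITO not in federated
                or "sts:AssumeRoleWithWebIdentity" not in actions):
            continue
        seen = True
        cond = stmt.get("Condition", {})
        # aud pins the role to one identity pool; without it the role is not tied to this pool.
        aud = _as_list(cond.get("StringEquals", {}).get(COGNITO + ":aud", []))
        if aud != [pool_id]:
            findings.append(f"statement {i}: aud is not pinned to {pool_id}")
        # amr separates guest identities from signed-in ones.
        amr = []
        for op in ("ForAnyValue:StringLike", "ForAnyValue:StringEquals"):
            amr += _as_list(cond.get(op, {}).get(COGNITO + ":amr", []))
        if amr != [expected_amr]:
            findings.append(f"statement {i}: amr is not restricted to {expected_amr}")
    if not seen:
        findings.append("no statement lets the identity pool service assume this role")
    return findings

def _trust(condition):  # builds a constructed sample policy
    stmt = {"Effect": "Allow", "Principal": {"Federated": COGNITO},
            "Action": "sts:AssumeRoleWithWebIdentity"}
    if condition:
        stmt["Condition"] = condition
    return {"Version": "2012-10-17", "Statement": [stmt]}

WEAK = _trust(None)
GOOD = _trust({"StringEquals": {COGNITO + ":aud": POOL_ID},
               "ForAnyValue:StringLike": {COGNITO + ":amr": "authenticated"}})

if __name__ == "__main__":
    for name, doc in (("WEAK", WEAK), ("GOOD", GOOD)):
        print(name, audit_trust_policy(doc, POOL_ID, "authenticated"))
```

Run it against the trust policy of each role attached to the pool, passing "unauthenticated" for the guest role, and keep the guest role's permissions policy as narrow as possible.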
