Amazon Cognito offers valuable features like integration with AWS services, seamless application integration, user management, and authentication efficiency. Federation, pre and post-token generation, triggers, OTP and email validation, and user management modules are highlighted. It supports scaling, multi-factor authentication, and secure credential storage. The software's ability to sync with various IDPs and provide single sign-on for API access is beneficial, streamlining user access management and enhancing security.
- "I rate Amazon Cognito nine out of ten."
- "What is quite valuable is that we can outsource storage of the credentials to AWS, and they manage it quite securely."
- "What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."
Amazon Cognito's integration ease and mobile developer experience could be enhanced. Documentation is often unclear, making implementation challenging. It lacks advanced security features such as proper MFA and password history tracking. Configuration complexity and high costs are concerns, especially for smaller organizations. User interface and token customization require improvement. The platform requires better localization for international setups and enriched user tracking and management capabilities. Documentation and intuitive UI need attention for a smoother experience.
- "I would rate its scalability as five out of ten. Moving users between different pools or accounts creates new identities, which means IDs stored in our database must also be changed."
- "Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API."
- "Amazon Cognito could be improved by making it easier for us to add more data to the token, allowing customization of JWT. It requires a complex program to customize the token currently, however, the UI could support this configuration better."