Try our new research platform with insights from 80,000+ expert users

Amazon Cognito vs ForgeRock comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Aug 11, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Amazon Cognito
Ranking in Access Management
6th
Average Rating
7.6
Reviews Sentiment
6.8
Number of Reviews
13
Ranking in other categories
No ranking in other categories
ForgeRock
Ranking in Access Management
9th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
30
Ranking in other categories
Identity Management (IM) (12th), Customer Identity and Access Management (CIAM) (4th)
 

Mindshare comparison

As of February 2025, in the Access Management category, the mindshare of Amazon Cognito is 6.4%, up from 6.2% compared to the previous year. The mindshare of ForgeRock is 6.6%, down from 6.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Access Management
 

Featured Reviews

Erik Aceiro - PeerSpot reviewer
Good integration with AWS services but not feasible for B2C because MFAs are nonexistent
The developer experience for mobile apps is terrible. Documentation is very poor and it is difficult to read the documents available to put things into practice. Our team has issues finding information related to using the solution. SDK and libraries available for mobile apps are terrible. For example, if you use MFA to migrate one user from your database to the pool, you need to use Lambda functions or other methods in AWS to get the solution enabled. It is extremely difficult to put a very, very scalable project into practice. Our team doesn't think you can use the solution for B2C on a large scale. We thought the solution would provide an agile experience but it does not. The solution needs to keep a history of passwords. For example, you should be able to check if customers used the same password in the past when connecting to a company by username and password. This type of feature is a must for our project. The MFA related to the solution's side is nonexistent. MFA should occur on the Facebook or Google side and also on the solution's side. This is a big problem because we have wallets, credit cards, and sensitive data stored for each customer. One layer of security is totally missing.
Trisha Bhola - PeerSpot reviewer
It's easier to customize and maintain our code
I worked on two different projects based on ForgeRock, and both are automated deployments. One is a UI-based deployment. It's an automated process using some scripts. The deployments are done through Octopus, so it's also automated. We first deploy the essential components of AM and then implement additional configurations like Amster Imports. After that, we import all the SAML Federation data and add some certificates. We have two teams of five and three team members working on the different deployment processes. One is working on the dev side, another is looking at the higher environment, and one is managing the data. In another project, I'm the only developer. We also deploy on the dev environments so that anyone can test new features, configurations, and client requirements. They can test it on the dev environment, but a team of four people manages higher environments. The Access Management component involves the most customization, which takes around 15 to 20 minutes because of the need to import the Amster configuration. If another deployment is simultaneously happening, it may be a little slower and take around 30 minutes. The other components, like the user data stores, take about five to seven minutes. It's another five to 10 minutes for Identity Management. After deployment, the maintenance is mostly checking for security vulnerabilities. If ForgeRock shares security vulnerabilities or advisories, we check to see if there is something inside we need to maintain. Other than that, we just install updates when they add features each month.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The multi-factor authentication setup has room for improvement."
"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."
"I appreciate Amazon Cognito's ability to scale with demand and its seamless user verification features."
"The features most valuable to us are the ability to integrate with various IDPs and the capability to sync with multiple applications."
"They offer a permission tool to help us manage multi-factor authentication."
"The federation is one of the most efficient features as the pricing is competitive."
"The solution is proto connective and integrates well with other AWS services."
"The most valuable features of Amazon Cognito are OTP validation and email validation."
"We create and define the permissions and configurations for the users."
"ForgeRock has CIAM, which other products didn't have, and they have DevOps ready."
"In terms of the tool's operational efficiency, ForgeRock Access Management is used in a lot of environments, different regions, and in different stages of production environments."
"The solution's most valuable feature is the authentication for the consumers. The integration with other third-party applications is excellent."
"The most valuable features of ForgeRock are social login and data protection."
"Installation and configuration are pretty easy for ForgeRock OpenIDM."
"ForgeRock is an extensive product with many functionalities and capabilities, much more than many other tools combined."
"The product is easy to use in a development environment."
 

Cons

"Amazon Cognito could be improved by making it easier for us to add more data to the token, allowing customization of JWT. It requires a complex program to customize the token currently, however, the UI could support this configuration better."
"The secure authentication of Amazon Cognito has benefited our company. We were previously using legacy signup systems."
"Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful."
"The MFA related to the solution's side is nonexistent."
"In a future release, we would like to have different methods to validate the characteristic of a user. For example, we would like to use biometric data to analyze the behavior of users."
"What I found generally lacking in AWS is privileged access management (PAM)."
"The ease and simplicity of integration could be improved when using this solution. When using Okta, scope is a single endpoint with a parameter as a scope. In the Cognito for each scope, there is a separate endpoint."
"Amazon Cognito’s UI needs improvement while onboarding new users."
"The solution requires more simplified customization. However, part of the problem is my clients determining their own preferences. Technology can help and do many things, but you have to define your own policies to ensure that the solution or service works within those parameters. Helping customers understand their business and different processes is another issue not relating to the functionality of this solution."
"ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant."
"We raised tickets asking for improvements, but sometimes we don't get the proper solution. They are responding, but the ticket is open for weeks and weeks. For some issues, we don't get a satisfactory solution or the solution doesn't work."
"Automatic Deployment needs improvement. it could be made easier."
"The identity management model needs a bit of improvement."
"In future releases, I would like to see easier integration with other solutions, like facial recognition and KYC solutions with biometric onboarding."
"I find that it's quite expensive for just an open-source system. Support is quite expensive."
"We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced."
 

Pricing and Cost Advice

"We pay $600 monthly per user for licences and there are no other additional costs."
"The product is relatively inexpensive compared to other tools."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."
"The pricing is bad so I rate it a two out of ten."
"The price of Amazon Cognito is low. The pricing model is based on the users."
"The price of Amazon Cognito is expensive. We are on an annual subscription."
"The pricing of this solution is good compared to other solutions on the market."
"The price of the solution depends on the number of users using it."
"It's a bit pricey and could be more competitive."
"ForgeRock's pricing is more competitive than other products."
"Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts. There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more."
"We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years."
"ForgeRock is an expensive solution."
"The license is purchased annually per user. However, you can negotiate if you are signing for a longer period of time. When comparing this solution to others on the market it is priced fair, it is not at the top of the price range or at the bottom end."
"The pricing of the solution is fair but I do not have the full details."
"Its price is comparable to other products in the market."
report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
838,640 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
9%
Healthcare Company
7%
Comms Service Provider
6%
Financial Services Firm
24%
Computer Software Company
12%
Insurance Company
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Amazon Cognito?
The most valuable feature of the solution is its swift authentication.
What is your experience regarding pricing and costs for Amazon Cognito?
Pricing is considered expensive for smaller organizations. Cognito's pricing was rated seven out of ten due to its cost.
What needs improvement with Amazon Cognito?
The setup and configuration can be complex, especially for advanced use cases. A dedicated documentation portal with comprehensive information would be helpful. The user interface could be more int...
What do you like most about ForgeRock?
The most valuable features of ForgeRock are social login and data protection.
What is your experience regarding pricing and costs for ForgeRock?
Our company was considering switching back to Keycloak from ForgeRock, so as to not pay any license fees. ForgeRock also supports M-PIN and biometric features that Keycloak does not provide. My com...
What needs improvement with ForgeRock?
In the past, I saw that Splunk was integrated with a testing portal, and then it was integrated with Slack. I don't think ForgeRock directly supports integrations with Slack, making it an area wher...
 

Also Known As

No data available
ForgeRock Identity Platform, ForgeRock OpenIDM
 

Overview

 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
Geico, Thomson Reuters, Salesforce, McKesson, Trinet, SKY, BNP Paribas, Deloitte, Capgemini, North Western University
Find out what your peers are saying about Amazon Cognito vs. ForgeRock and other solutions. Updated: January 2025.
838,640 professionals have used our research since 2012.