Try our new research platform with insights from 80,000+ expert users

Amazon Cognito vs Microsoft Entra ID comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Aug 11, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Amazon Cognito
Ranking in Access Management
7th
Average Rating
7.4
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
No ranking in other categories
Microsoft Entra ID
Ranking in Access Management
1st
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
225
Ranking in other categories
Single Sign-On (SSO) (1st), Authentication Systems (1st), Identity Management (IM) (1st), Identity and Access Management as a Service (IDaaS) (IAMaaS) (1st), Microsoft Security Suite (2nd)
 

Mindshare comparison

As of April 2025, in the Access Management category, the mindshare of Amazon Cognito is 6.6%, up from 6.5% compared to the previous year. The mindshare of Microsoft Entra ID is 28.2%, up from 23.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Access Management
 

Featured Reviews

Wojciech Doganowski - PeerSpot reviewer
International setup localization challenges drive custom development while outsourcing credential management enhances security
We are using it in an international setup where we have multiple services running in multiple countries. Cognito localizes only regarding language, but the service is localized in each country. Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API. I hope they will fix this soon because it's useful to rely on already prepared flows for all the account management. As it doesn't work with different languages, rewriting it is quite complicated. Additionally, maybe they could find another step in the price so there is not such a significant jump from the basic to extended functionality. Some flexibility would be helpful.
Aaron Liang - PeerSpot reviewer
Has significantly improved secure access to applications and resources in our environment
Microsoft Entra ID has helped by simplifying our management of permissions for APIs. We are not directly exposing credentials, as we use tokens instead. It has made management easier and more secure, especially in a multi-user environment. The implementation of Microsoft Entra ID significantly improved secure access to applications and resources in our environment, primarily through the widespread use of single-sign-on. Managing API permissions became much easier, as application registration often involves calling an API to utilize services without directly exposing credentials, relying instead on token-based authentication. This streamlined approach benefits end-users by simplifying access while remaining transparent to them. Ultimately, my role focuses on ensuring a smooth and user-friendly experience, even if the underlying technology remains unseen by the end-users. Our company strongly emphasizes passwordless authentication, primarily through device-bound passkeys in Microsoft Authenticator. While administrators with high-privileged accounts utilize YubiKeys and passwords for tasks like accessing Microsoft Graph, we are actively transitioning all other users towards passwordless methods such as Windows Hello biometrics. This approach streamlines authentication and enhances security. Though initial deployment in 2022 presented challenges due to hardware limitations and the lingering effects of the COVID-19 pandemic, the technology has significantly improved and provides a simple and effective user experience.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of Amazon Cognito are the pre and post-token generation, and the different Cognito triggers. It has lots of functionality and flexibility."
"I appreciate Amazon Cognito's ability to scale with demand and its seamless user verification features."
"I rate Amazon Cognito nine out of ten."
"Cognito speeds up our development and saves us time."
"This is a scalable solution. If our app or general usage increases, this solution can support it."
"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."
"The solution is proto connective and integrates well with other AWS services."
"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."
"Entra ID has helped us implement role-based authentication rather than conditional keys."
"After implementing Microsoft Entra ID, secure access to apps has become seamless."
"It helps with privacy control of identity data. It makes security very easy."
"The stability of Microsoft Entra ID is very great."
"We can have an audit and we can easily audit logs."
"It is a very straightforward implementation."
"The most valuable feature of the solution is its ability to delegate roles to each individual resource, which is great."
"The cloud security part is very valuable. Security is the most important thing in today's world. With Azure Active Directory, there are some features that tell you how you need to improve your security level. It informs you if you set up certain policies, e.g., this is where my users sign in. It tends to let you know if your organization has been breached with this security set up. Therefore, it is easier to know when you have been breached, especially if you set up a Conditional Access policy for your organization."
 

Cons

"I believe this product could improve by enriching user profiles."
"Amazon Cognito’s UI needs improvement while onboarding new users."
"There is room for improvement in Amazon Cognito."
"Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful."
"Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API."
"What I found generally lacking in AWS is privileged access management (PAM)."
"Amazon Cognito could improve by simplifying the configuration."
"In a future release, we would like to have different methods to validate the characteristic of a user. For example, we would like to use biometric data to analyze the behavior of users."
"It would be an improvement if Authenticator made it easier to recover the app if you reboot your cellphone and lose access."
"The monitoring dashboard could be a bit better."
"They have had a few outages, so stability is a little bit of an issue. It is global. That is the thing. I know some of the other competitors are regionalized ID platforms, but Entra ID is global, so when something goes wrong, it is a problem because it underpins everything, whether you are logging in to M365 or you have single sign-on to Azure, Autopilot, Intune, Exchange mailbox or another application. If there is a problem with Entra ID, all of that falls apart, so its great strength and weakness is the global single tenant for it. Stability is a key area for me. Otherwise, it is generally pretty good."
"The automation aspects of Entra ID could be improved, particularly when automating through different providers and SDKs. It's somewhat clunky to automate ID management, but it's great once it's set up. I would also like to see better Terraform support."
"Initially, we wanted to exclude specific users from MSA. So, we had a condition policy, which forces MSA for all the users. So we wanted to exclude users who are using an NPS extension. So it was not listed, as a NPS extension was not listed outside an application, in actual, so, we go back and were not able to exclude users using NPS extension from MSA. So that was one limitation that we found and we had to work around that."
"Definitely, the price could be lower. When we moved from AWS to Azure, we started paying more."
"One thing that bothers me about Azure AD is that I can't specify login hours. I have to use an on-premises instance of Active Directory if I want to specify the hours during which a user can log in. For example, if I want to restrict login to only be possible during working hours, to prevent overtime payments or to prevent lawsuits, I can't do this using only Azure AD."
"Azure AD does not support legacy authentication protocols, such as NTLM or Kerberos."
 

Pricing and Cost Advice

"The pricing of this solution is good compared to other solutions on the market."
"The product is relatively inexpensive compared to other tools."
"The pricing is bad so I rate it a two out of ten."
"The price of Amazon Cognito is expensive. We are on an annual subscription."
"The price of Amazon Cognito is low. The pricing model is based on the users."
"The price of the solution depends on the number of users using it."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."
"We pay $600 monthly per user for licences and there are no other additional costs."
"Licensing fees are paid monthly."
"We are working with the Premium P2 licenses, which are reasonable. If you invest in the on-premises environment setup, then it costs so much. However, on-prem AD gives you the ability to manage your organization in a very organized manner, where you can create a group policy."
"The product's price is in the midrange."
"This product is sold as part of the enterprise package and our licensing fees are paid on a yearly basis."
"The price of Azure Active Directory and Amazon AWS, are almost the same, but most people prefer Amazon AWS because they find it's a little cheaper to some extent and an easier platform to use."
"Entra ID is not too bad, but Microsoft licensing generally is insane. Most customers normally buy a bundle license with Microsoft 365, E3, or E5. Out of our 2,000 customers, for 99.9% of our customers, the Entra ID license that they are getting through the part of that would be sufficient. There are some more advanced ones that give you a bit more functionality, but we probably have not had a customer for that. We do not even internally use that ourselves. When you buy the Entra ID license on its own, it is probably three or four pounds. You just get it included in the license."
"We pay about $35 per user."
"The E5 plan we are using contains the premium plans for Azure Active Directory. We are not paying only for the Azure Active Directory Premium licenses. We have it already included within our E5 plan."
report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Comms Service Provider
8%
Financial Services Firm
7%
Government
7%
Educational Organization
30%
Computer Software Company
10%
Financial Services Firm
9%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Amazon Cognito?
The most valuable feature of the solution is its swift authentication.
What is your experience regarding pricing and costs for Amazon Cognito?
The basic functionality is reasonably priced, but the extended functionalities, especially the extended security, are quite expensive. There is a significant jump from the basic to the extended fun...
What needs improvement with Amazon Cognito?
We are using it in an international setup where we have multiple services running in multiple countries. Cognito localizes only regarding language, but the service is localized in each country. Cog...
How does Duo Security compare with Microsoft Authenticator?
We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier. Duo Security is easy to configure a...
What do you like most about Azure Active Directory?
It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.
What is your experience regarding pricing and costs for Azure Active Directory?
Microsoft Entra ID is reportedly quite expensive for each user regarding security features. The renewal cost is particularly high according to the teams managing purchases.
 

Also Known As

No data available
Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator
 

Interactive Demo

 

Overview

 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.
Find out what your peers are saying about Amazon Cognito vs. Microsoft Entra ID and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.