Get started with Amazon Cognito

Cognito User Pools introduces public beta of built-in sign in screens and SAML federation. Learn More.

Amazon Cognito lets you easily add user sign-up and sign-in to your mobile and web apps. With Amazon Cognito, you also have the options to authenticate users through social identity providers such as Facebook, Twitter, or Amazon, with SAML identity solutions, or by using your own identity system. In addition, Amazon Cognito enables you to save data locally on users devices, allowing your applications to work even when the devices are offline. You can then synchronize data across users devices so that their app experience remains consistent regardless of the device they use.

With Amazon Cognito, you can focus on creating great app experiences instead of worrying about building, securing, and scaling a solution to handle user management, authentication, and sync across devices.

Amazon Cognito Overview

User Sign-Up and Sign-In

With Cognito Identity, you can easily and securely add sign-up and sign-in functionality to your mobile and web apps. Cognito Identity is fully managed and can scale to support hundreds of millions of users. You can also implement enhanced security features, such as email and phone number verification, and multi-factor authentication. In addition, Cognito Identity lets you customize workflows through AWS Lambda such as adding app-specific logic to user registration for fraud detection and user validation. To learn more, visit our docs.

Federated Identities

Cognito Identity allows you to easily federate identities so that your users can sign-in through social identity providers such as Facebook, Twitter, Google, and Amazon or using your own identity solution. You can also let your users sign-in through identity providers that support Security Assertion Markup Language (SAML) such as Microsoft ADFS. When you use Amazon Cognito, your app is provided with temporary, limited-privilege credentials that it can use to access AWS resources. You can set granular access permissions on your AWS resources, for example, you can limit access to a folder within an S3 bucket to a particular app user, or enable unauthenticated users to access a restricted set of resources. This means your app can access the resources it needs and that you can follow security best practices by not hardcoding credentials in your app. To learn more, visit our docs.

Store and Sync

When you use Cognito Sync, your app can read and write to a local data store. This means that your app can work in the same way regardless of whether the device is online or offline. You can also save user data, such as user preferences, sign-in, and game state, and then sync this data across a user’s devices to make their experience consistent across their devices. Cognito Sync resolves conflicts and intermittent network connectivity, enabling you to focus on delivering great app experiences instead of creating and managing a user data sync solution. To learn more, visit our docs.

Get Started with Amazon Cognito