Amazon Cognito Reviews

The usual use cases for Amazon Cognito that I have been working with mostly involve working for TLG Apps for three and a half years, where TLG Apps is a FinTech company in the UK. We were working for a few of the FinTech products, and inside that FinTech product, to make the authorization work, we handle how users will do the login, how to manage their identity, and how they can manage the logins and registration process. All those things are internally handled by Amazon Cognito. We use Amazon Cognito in multiple products inside TLG Apps.

I do use Amazon Cognito's custom authentication workflows, and we have worked a lot on that custom authentication, specifically using the multi-authentication system.

The custom authentication workflow's impact on my user management processes is significant, as I am working on a FinTech product that requires multi-level authentication. It does not just require a username and password, so in order to implement this, we had to include OTPs or one-time passwords sent to the user via mobile, email, and several other places as well. We can use an authenticator app as well, so we have multiple options available. We use this custom authentication flow to implement this feature specifically.

I never use the UI components directly of Amazon Cognito; rather, I work under the hood. We will not directly use their UI components, but will use their API, as the frontend is not going to use any UI at all, basically. Since it's a product, we will do the branding ourselves, and all those things. Amazon Cognito is directly linked to our backend service, you can say, so it is not exposed directly to the frontend.

The benefits I have experienced using Amazon Cognito's token-based authentication for OAuth 2.0, OpenID Connect, and SAML 2.0 protocols include my understanding that OAuth 2.0 is an open protocol widely used in all applications, and Amazon Cognito is the same as well. It has more compatibility in how we can implement it, as we have to do it in multiple places. If we need to build multiple applications based on a single Amazon Cognito instance, it is very good because we can create multiple apps on a single instance allowing one user to be shared across multiple applications, enabling single sign-on and so forth.

The features or capabilities of Amazon Cognito that I have found the most valuable so far include its seamless operation and the requirement of fewer integrations from the client side. All the features are there, enabling us to create the users, manage the groups, and manage access. Mostly, the access management is very good in Amazon Cognito, I would say.

The benefits and positive impacts that Amazon Cognito has had in my experience include the fact that earlier we needed to implement so many things on behalf of the product itself. Now, the go-to-market strategy requires less than a week to complete integrations of the user flow, specifically mentioning that a basic authentication flow could be completed in a week itself. We don't have to care about how we manage the passwords, how we manage groups, and how we manage access management because all those things are there. It's handy, the documentation is very good, and it is easy to integrate. That's the reason I would say that the impact AWS is building on the product is great.

I think Amazon Cognito provides less flexibility to customize at the moment. It is very tightly coupled with its own services, so it does not provide customization according to what the client needs. If a client has specific requirements, for example, needing two-way authentication from a different kind of authentication that they want to implement along with the username and password, those kinds of customizations are available but not that user-friendly, I would say.

I have been working with Amazon Cognito for the last four years.

I would rate how stable and reliable Amazon Cognito is a nine, as it is very stable with no issues found until yet, indicating that its availability is at 99.9%.

I would rate how scalable Amazon Cognito is a nine out of ten since it is scalable and on-demand. We don't have to think about how many users there are as it goes, so there are no limitations available.

I do not often communicate with the technical support of Amazon Cognito, but initially, we had a couple of calls to understand how we can manage our custom authentication flow and all. Nothing apart from that, as initially we talked about our authentication flow and what would be the best way to implement Amazon Cognito for our use case.

Based on my experience with the technical support, I would rate them a nine.

Positive

Before working with Amazon Cognito, I worked with several other tools for authentication, including my own authentication system in Bosch. I have worked for Bosch, where it had an internal tool for authentications, and it was not that much flexible compared to Amazon Cognito, I would say.

I did participate in the initial setup and deployment of Amazon Cognito, where we needed to create an Amazon Cognito instance based on our use case, including the regions and all. We need to do some configurations such as how the image should be or how the message should be. Those are the message configurations we need to do, alongside determining what kind of authentication flow we need to implement and how many apps we need. We also need to configure the access token and refresh token validity. Overall, these are the major configurations I would say, including notifications we need to send and if we are going with custom authentication, which also requires us to implement the custom authentication with two or three lambdas that we need to add.

I find that the initial setup and deployment is straightforward, and there are not many challenges in setting up the AWS services.

I am aware that the pricing of Amazon Cognito is not managed by me directly but is managed by some other teams, specifically the DevOps teams. As far as I know, it is based on how many users we have and how frequently we are doing the logins and all those things.

Before choosing Amazon Cognito, I did evaluate other options, along with one more vendor that I cannot remember. However, we were already using all our applications in AWS. We tried to go with Amazon Cognito to facilitate the integration of all other services.

I think all the passwords are already encrypted, so on the security side, I would rate it a nine out of ten.

Overall, based on every aspect that I mentioned, I would rate Amazon Cognito an eight out of ten.

Public Cloud

Amazon Web Services (AWS)

I used Amazon Cognito for access management for different applications, including websites and other web applications. Since we didn't need to create our own authentication methods for applications, we used it for our customers as an out-of-the-box solution. We only needed to integrate it with our application.

I worked extensively with Amazon Web Services and utilized many services from AWS. I used S3, CloudWatch, Amazon Cognito, Simple Mail, Lambda, and EC2. Amazon Cognito was particularly helpful and clear to use. I can only speak positively about it and had a good experience. The solution is very good, and we used almost all of these services because of SAML, Okta, and Microsoft integrations.

Branding could be improved. When you use the Amazon Cognito domain and have a panel to login the user, I would add more customization options, such as icons or customization to the modal window which appears when you want to login through Amazon Cognito.

I used Amazon Cognito for around two years.

The solution was stable. I didn't notice any problems, and I don't have any blockers or performance issues. Everything is working correctly. It is very easy to use.

Amazon Cognito fulfilled my needs completely, so I don't have any concerns regarding scalability.

Based on my experience, I didn't have any problems, so I don't want to judge the customer service.

I am currently unemployed for two months looking for something new, so there is no contact with that company.

Integrations were straightforward. I didn't find anything difficult. The pricing is not expensive, and I think it is a very good price.

When I was in my company, we started to work on it at the end, but I was not involved. I know that we started to work on Amazon Cognito.

No alternate solutions to discuss.

There are many helping scripts which allow you to integrate with many different solutions and identity providers, so everything is available on the table. Whatever I used Amazon Cognito for was sufficient for me. My review rating for this product is 10 out of 10.

Cloud

Amazon Web Services (AWS)

I use Amazon Cognito for single sign-on for our service. It is used to keep our customer credentials and authenticate the customer.

What is quite valuable is that we can outsource storage of the credentials to AWS, and they manage it quite securely. We have never had an issue with any leakage of credentials, which is normally a problem for anyone storing passwords of the customers. This is probably the best part of our decision to select Amazon Cognito. It helps in maintaining security and integrity.

We are using it in an international setup where we have multiple services running in multiple countries. Cognito localizes only regarding language, but the service is localized in each country. Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API. I hope they will fix this soon because it's useful to rely on already prepared flows for all the account management. As it doesn't work with different languages, rewriting it is quite complicated. Additionally, maybe they could find another step in the price so there is not such a significant jump from the basic to extended functionality. Some flexibility would be helpful.

I have used Amazon Cognito for five years.

The stability is high. We have never had an issue.

The scalability is at least an eight. We have never had an issue.

We mainly rely on the documentation, which is quite extensive. We once had to contact technical support, so it's hard to say about its quality. From the documentation perspective, if treated as support, it's maybe a six to seven. It's quite okay, but could be much better to understand.

Neutral

There is a learning curve to understand how it works, but once understood, it is quite straightforward.

For sure, there is not a direct revenue growth, as it is mainly on the security and time-saving aspects. The value mainly comes from maintaining security because the risk of leaked credentials can be disastrous for the business. The extended functionality of checking credentials with external leaked databases is nice but quite expensive. While it's hard to justify the extended functionality, the basic functionality is justifiable because of the security benefits.

The basic functionality is reasonably priced, but the extended functionalities, especially the extended security, are quite expensive. There is a significant jump from the basic to the extended functionality, with additional fees per account, making it a steep increase with a big number of accounts.

I would recommend Amazon Cognito to others. On a scale of 1 to 10, I would rate this solution as a five, which is somewhere in the middle.

Public Cloud

Amazon Web Services (AWS)

We use Amazon Cognito for authentication, specifically for user login and signup. We primarily use Amazon Cognito to store user details. If we want to log in with authentication like a username and password, we use Amazon Cognito. We also use it for OTP logins. Amazon Cognito offers a simple authentication method for our system.

The most valuable feature is the authentication method. The way it handles authentication is simpler to use. When we integrate any authorization, it takes time, but due to the AWS documentation and Amazon Cognito's feasibility, we use it more. We find it simple for authentication.

We cannot customize the authorization. For example, when creating multiple Cognito pools and identity pools for different users, I would like to handle it by role so that only one Cognito pool is needed and we define users by role. Another improvement could be better documentation. If documentation for services like Amazon Cognito were available directly under each service's section, it would be easier to find and implement.

I have been using Amazon technologies overall for three years.

The initial deployment of Amazon Cognito took around two to three days. Initially, we used the Amazon console to create pools, but now we use CloudFormation to deploy AWS services, including Amazon Cognito. This allows for dynamic creation of resources.

Amazon Cognito is really stable. We have not faced any data loss or similar issues. Stability is crucial for us as user data is very important, and any data loss would be a big problem for any organization.

I would rate its scalability as five out of ten. Moving users between different pools or accounts creates new identities, which means IDs stored in our database must also be changed. This complicates scalability.

I rate technical support around seven out of ten. While they offer free support for billing issues, technical issues require paid support. I faced issues with my SES production access where prompt support was lacking.

Neutral

Previously, we used JWT and OAuth for authorization, managing user details and data on our database. We switched because Amazon Cognito offers better user experience and proper management of users.

I would rate the initial setup as nine out of ten. It was straightforward and easy to install.

We can deploy and maintain Amazon Cognito by ourselves. One person is enough for the maintenance of Amazon Cognito since it is a one-time process.

I did not evaluate other vendors. I have only worked in the AWS ecosystem.

I rate Amazon Cognito nine out of ten. For those new to Cognito or evaluating it, the documentation contains all necessary details. Just ensure your system can manage Amazon Cognito and database details. Practice first before implementing it into production.

Public Cloud

Amazon Web Services (AWS)

The use case for Amazon Cognito is primarily for a single sign-on feature to manage user access. It is also associated with a project that involves education and entertainment.

What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs. This feature has been beneficial in helping us manage user access efficiently. It is considered just another tool similar to Azure Active Directory.

Amazon Cognito could be improved by making it easier for us to add more data to the token, allowing customization of JWT. It requires a complex program to customize the token currently, however, the UI could support this configuration better.

I have been using Amazon Cognito for more than one year.

We have not tested the scalability of Amazon Cognito yet. We plan to do a performance test. Currently, we cannot comment on its scalability.

I have not contacted Amazon support for Cognito, so I don't know about their customer service for this product. In general, I would rate Amazon's customer service as eight out of ten. It is a bit difficult to find their contact number online.

Positive

The initial setup was not particularly easy, but not complicated either. It is somewhere in the middle on a scale of one to ten, around a five. More automation could make it easier.

I have not reached the threshold to comment on the cost as we are still in the testing phase.

I would recommend Amazon Cognito to others. If you are using Amazon, then it serves as a good replacement for an active directory. Please keep the review anonymous. 

Overall, I rate the solution as eight out of ten.

We have used Cognito for our architecture model to handle user authentication and access control for our web and mobile applications. 

Additionally, we have incorporated Cognito not only for user authentication but also for social sign-in, SSO integration with our organization’s IDP, allowing us to onboard multiple customers with their own organization identity through SSO.

With Cognito, user authentication is more secure, and we no longer have to build and scale our own authentication model. It has benefited us by eliminating the need to incorporate security pointers manually. Furthermore, with Cognito's advanced features, we now achieve improved integration capability with other federated IDPs, enhancing our security and user management.

The features most valuable to us are the ability to integrate with various IDPs and the capability to sync with multiple applications.

The setup and configuration can be complex, especially for advanced use cases. A dedicated documentation portal with comprehensive information would be helpful. The user interface could be more intuitive to simplify the process, and pricing is very high for smaller organizations.

I have been using Cognito for four years.

Cognito is very stable and reliable. We have not experienced significant downtime or security issues, and it consistently performs well.

Cognito's scalability is rated nine out of ten, as it handles high scalability well.

Customer service is rated nine out of ten, as they communicate properly and provide support via voice channels, telephone calls, and email.

Positive

Previously, we handled authentication management on our own. This involved writing custom code for authorization and maintaining tokens, which required creating a separate microservice and led to increased development time and costs. With Cognito, AWS manages the infrastructure, taking care of security threats and updates.

The initial setup process is rated seven out of ten, as it can be straightforward once you know the solution you want to build for your application. However, integrating with additional services can introduce complexity.

If a party is well-versed in integration and token-based processes, a single person can manage it.

We have seen good returns on investment due to improved security and user management, along with the integration capability with other federated IDPs.

Pricing is considered expensive for smaller organizations. Cognito's pricing was rated seven out of ten due to its cost.

We evaluated other options such as Auth0, which we found to be more expensive.

Before using Cognito, it is important to understand how you want to incorporate your security model or authentication module into your product. Proper understanding of authentication and user management needs is crucial to avoid inefficiencies and cost overruns.

I'd rate the solution eight out of ten.

Public Cloud

We use Amazon Cognito for implementing SSO for Azure ready, Okta, or Oczero.

Amazon Cognito has helped improve our organization by unifying a lot of cross-functional SSOs under one umbrella. It has helped us cover all the different use cases. Our customers are passing through an Amazon Cognito gateway rather than a different hybrid or isolated provider.

The most valuable features of Amazon Cognito are the pre and post-token generation, and the different Cognito triggers. It has lots of functionality and flexibility.

Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful.

I have been using Amazon Cognito for approximately one year.

I rate the stability of Amazon Cognito a seven out of ten.

The scalability of Amazon Cognito is good.

We develop software for many customers and have many users who use this solution. There are approximately 5,000. We plan to increase our usage in the future.

I rate the scalability of Amazon Cognito a seven out of ten.

I have not used the support for Amazon Cognito. However, I heard they are good.

We have not used another solution prior to Amazon Cognito.

We use Terraform for the deployment and it takes approximately 15 to 30 minutes for a typical deployment.

There are a lot of different steps that need to be taken for the implementation, there are other dependencies. At the beginning levels, it takes anywhere from 15 to 30 minutes. In a more complex environment, it takes more than an hour to two hours if you try to have a one-nightly build and everything bypassing through automated test assets and the different syntax. If you have many different elements involved it takes longer than two hours.

I rate the initial setup of Amazon Cognito a seven out of ten.

We have two people that do the deployment of the solution.

The return on investment we have received has been good. The solution has saved us a lot of time.

The price of Amazon Cognito is expensive. We are on an annual subscription.

I rate the price of Amazon Cognito a two out of ten.

We evaluated Keycloak and we found Amazon Cognito was a better option in terms of changes.

We use one developer for the maintenance of the solution.

I rate Amazon Cognito a seven out of ten.

Public Cloud

Amazon Web Services (AWS)

Our company has been using the solution to determine proof of concept for a project that is large-scale with over one million users. Through experimentation, we have found that some things work well and some things have issues.  

We have 300 engineers using the solution but have determined our project cannot go to production because there are unresolved issues with B2C multifactor authentication. 

The solution is proto-connective and integrates well with other AWS services. 

The solution can be useful for small-scale, machine-machine projects. It can provide one kind of language that is the same for all connection partners. 

The developer experience for mobile apps is terrible. Documentation is very poor and it is difficult to read the documents available to put things into practice. Our team has issues finding information related to using the solution. 

SDK and libraries available for mobile apps are terrible. For example, if you use MFA to migrate one user from your database to the pool, you need to use Lambda functions or other methods in AWS to get the solution enabled. 

It is extremely difficult to put a very, very scalable project into practice. Our team doesn't think you can use the solution for B2C on a large scale. We thought the solution would provide an agile experience but it does not. 

The solution needs to keep a history of passwords. For example, you should be able to check if customers used the same password in the past when connecting to a company by username and password. This type of feature is a must for our project. 

The MFA related to the solution's side is nonexistent. MFA should occur on the Facebook or Google side and also on the solution's side. This is a big problem because we have wallets, credit cards, and sensitive data stored for each customer. One layer of security is totally missing. 

I have been using the solution for three months. 

The solution does not seem stable because it performs and behaves differently for native and iOS apps. I cannot say the solution is stable for any one application. 

Scalability is not so good so it is difficult to scale to future users. The solution works for some custom development but the backend needs to be more scalable. It does not seem that the solution is scalable in terms of features from both the backend and production sides. 

Technical support is good so I rate it a five out of ten. 

Neutral

The setup is pretty easy but production is difficult. 

Our team implemented the solution in-house. We have many teams so once we implement, other teams can do orchestration because we have a DDG domain-driven approach. You can see a vertical deployment in production even if teams are working independently. 

Ongoing management is handled by five engineers. 

The pricing is not so bad, so I rate it a two out of ten. 

The solution works pretty well for some parts of our project but not well for parts related to our customer. For example, we need B2C to connect a mobile app experience but have a lot of problems with multifactor authentication so we cannot put the solution to production. 

You can use the solution for proof of concept or starting projects that do not have a lot of users. 

The solution will not work well for web apps or native applications that connect consumers in the end. It is not good for custom flows or the in-app experience. MFAs and social logins are not feasible with the solution. 

I rate the solution a five out of ten. 

Public Cloud

Amazon Web Services (AWS)

I use Amazon Cognito for managing user authentication and access control within my projects.

I appreciate Amazon Cognito's ability to scale with demand and its seamless user verification features.

There is room for improvement in Amazon Cognito. 

I have been using Amazon Cognito for an unspecified duration.

I have not faced any stability issues with Amazon Cognito. It has been stable with no breakdowns or significant bugs.

Amazon Cognito provides effective scalability with its features allowing growth.

The support from Amazon is satisfactory, including their response time and knowledge.

Neutral

Overall, I'm satisfied with Amazon Cognito and would recommend it to others.

I'd rate the solution nine out of ten. 

Public Cloud

We use the solution for user management and authentication. Most of the time, when users are created on the core application, they are also created on Amazon Cognito. Then, we use policies to govern what resources they can and cannot access.

The most valuable feature of the solution is its swift authentication.

What I found generally lacking in AWS is privileged access management (PAM).

I have never faced any issues with the solution’s stability.

I rate the solution a nine out of ten for stability.

Around 120 users are using the solution in our organization.

Amazon Cognito is a very scalable solution.

The initial setup of the solution is pretty easy and can be done in just one click.

You only need about 20 to 30 minutes to deploy the solution in the cloud.

We pay a monthly licensing fee for the solution.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten.

The solution is deployed on the cloud in our organization. Our entire team of managers, developers, admins, and normal users are needed for the solution's deployment and maintenance. Amazon Cognito is a reliable and stable tool. It fuses very well and works harmoniously with other microservices.

Amazon Cognito is fully integratable with other AWS services or third-party applications. We've done Azure AD authentication, which we currently use, and it works well. The rest are the token and key, which we use for authentication at the service level. The solution’s documentation is very easy to follow.

Overall, I rate the solution a nine out of ten.