Amazon Cognito vs Azure Active Directory (Azure AD) comparison

You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Amazon Cognito and Azure Active Directory (Azure AD) based on real PeerSpot user reviews.

Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Amazon Cognito vs. Azure Active Directory (Azure AD) Report (Updated: January 2023).
672,411 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"This is a scalable solution. If our app or general usage increases, this solution can support it.""The most valuable features of Amazon Cognito are OTP validation and email validation.""Cognito speeds up our development and saves us time.""The solution is proto connective and integrates well with other AWS services.""The federation is one of the most efficient features as the pricing is competitive.""The most valuable features of Amazon Cognito are the pre and post-token generation, and the different Cognito triggers. It has lots of functionality and flexibility."

More Amazon Cognito Pros →

"Azure is the leading market solution because of its history, features, and maturity.""For some applications, it's not only working for authentication but it's also being used to apply roles for users. From the management perspective, it's much better to have this because in the past we constantly needed to go into the console of the different solutions and create or delete users or modify their roles and permissions. Now, with Azure Active Directory, we can do that from a single point. That makes our management model much easier.""Two very important features in terms of security are governance and compliance through the Conditional Access policies and Azure Log Analytics.""The user functionality enables us to provide different levels of access, across many applications, for each user. We can customize the access level and set a security level in connection with that access. For instance, we can require MFA. That is a feature that helps enhance our security posture a lot.""The portal version of the Azure active directory is pretty robust.""If you want to replicate a website at the frontend in Azure, it's very easy to do it globally.""It has made our work easier in that it’s simplified everything for us.""It's something we have to deal with every day. It is present. If you're in a domain environment, you'll need it to log in. If you work in a Microsoft-centric environment, you can't avoid it."

More Azure Active Directory (Azure AD) Pros →

"The secure authentication of Amazon Cognito has benefited our company. We were previously using legacy signup systems.""I believe this product could improve by enriching user profiles.""In a future release, we would like to have different methods to validate the characteristic of a user. For example, we would like to use biometric data to analyze the behavior of users.""The MFA related to the solution's side is nonexistent.""The ease and simplicity of integration could be improved when using this solution. When using Okta, scope is a single endpoint with a parameter as a scope. In the Cognito for each scope, there is a separate endpoint.""Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful."

More Amazon Cognito Cons →

"I want better integration between Azure AD and the on-prem environment because there are currently limitations that can hamper employee experience. We use a feature called password writeback, that can be challenging to implement in a hybrid environment. Employees can change their passwords using a self-service password reset (SSPR) feature, which reflects from the cloud to the on-prem identity, but not the other way around. Currently, there is no way to reflect passwords from on-prem identities to the cloud.""Everything should be in one package. There are so many different packages. They need to provide guidance because there are so many features and we don't know how to implement them in our organization.""Something that can be improved is their user interface""The solution was difficult to scale because the group's configuration was complex. I would rate the scalability level of Azure Active Directory a five out of ten.""One area where it can improve is connectivity with other systems. Not all systems are connected and you have to do coding to establish a point of connectivity. It supports certain vendors and it supports certain protocols. It is limited in many other aspects at the attribute level.""In terms of stability, sometimes the more applications you integrate, the more it becomes a little bit unstable.""There is no documentation about how Microsoft will scale Azure AD for customers. It only mentions that it will scale out if you have a lot of requests but does not mention how in detail.""Compared to what we can do on-prem, Azure AD lacks a feature for multiple hierarchical groups. For example, Group A is part of group B. Group B is part of group C. Then, if I put someone into group A, which is part of already B, they get access to any system that group B has access to, and that provisioning is automatically there."

More Azure Active Directory (Azure AD) Cons →

Pricing and Cost Advice
  • "The pricing of this solution is good compared to other solutions on the market."
  • "We pay $600 monthly per user for licences and there are no other additional costs."
  • "The pricing is bad so I rate it a two out of ten."
  • "The price of Amazon Cognito is expensive. We are on an annual subscription."
  • "The price of Amazon Cognito is low. The pricing model is based on the users."
  • More Amazon Cognito Pricing and Cost Advice →

  • "We got a good deal. If you get rid of all the products providing features that Azure Suite can provide, then it makes sense cost-wise."
  • "Microsoft has a free version of Azure AD. So, if you don't do a lot of advanced features, then you can use the free version, which is no cost at all because it is underpinning Office 365. Because Microsoft gives it to you as a SaaS, so there are no infrastructure costs whatsoever that you need to incur. If you use the free version, then it is free. If you use the advanced features (that we use), it is a license fee per user."
  • "Make sure that you get the most out of your Office 365 licenses for Azure AD. If you have additional concerns for users who don't have an Office 365 license, consider Azure AD Premium P1 and P2. Be aware that you have to evaluate your license usage beforehand."
  • "If you have a different IDP today, I would take a close look at what your licensing looks like, then reevaluate the licensing that you have with Microsoft 365, and see if you're covered for some of this other stuff. Folks sometimes don't realize that, "Oh, I'm licensed for that service in Azure." This becomes one of those situations where you have the "aha" moment, "Oh, I didn't know we can do that. Alright, let's go down this road." Then, they start to have conversations with Microsoft to see what they can gain. I would recommend that they work closely with their TAM, just to make sure that they are getting the right level of service. They may just not be aware of what is available to them."
  • "If you are dealing with one supplier with an out-of-the-box solution, which provides you end-to-end capabilities, then it is naturally cheaper and less of a headache to manage and operate."
  • "Be sure: You know your userbase, e.g., how many users you have. You choose the right license and model that suit your business requirements."
  • "For the Czech people, the solution is not cheap, as we are not a rich country. However, for most countries, the product pricing is acceptable."
  • "Everything needs to be considered for the requirements and if it is within the budget, then you can come up with a solution, whether it is SaaS, PaaS, or IaaS."
  • More Azure Active Directory (Azure AD) Pricing and Cost Advice →

    Use our free recommendation engine to learn which Access Management solutions are best for your needs.
    672,411 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The most valuable features of Amazon Cognito are the pre and post-token generation, and the different Cognito triggers. It has lots of functionality and flexibility.
    Top Answer:The price of Amazon Cognito is expensive. We are on an annual subscription. I rate the price of Amazon Cognito a two out of ten.
    Top Answer:Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a… more »
    Top Answer:Azure Active Directory's single sign-on feature has been helpful because users don't need to authenticate again and again each time they access it. Users only need to sign in the first time, and Azure… more »
    Top Answer:Active Directory is bundled with a package of Microsoft services, so it doesn't cost much. I don't know about the individual license of Active Directory.
    Top Answer:Microsoft services and most familiar third-party applications are currently supported, but we can't find many other platforms that integrate with Office 365 or Azure Active Directory. Microsoft should… more »
    out of 30 in Access Management
    Average Words per Review
    out of 30 in Access Management
    Average Words per Review
    Also Known As
    Azure Active Directory
    Learn More

    Amazon Cognito is a simple user identity and data synchronization service that helps you securely manage and synchronize app data for your users across their mobile devices. You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline. With Amazon Cognito, you can save any kind of data in the AWS Cloud, such as app preferences or game state, without writing any backend code or managing any infrastructure. This means you can focus on creating great app experiences instead of having to worry about building and managing a backend solution to handle identity management, network state, storage, and sync.

    Azure Active Directory (Azure AD), part of Microsoft Entra, is an enterprise identity service that provides single sign-on, multifactor authentication, and conditional access to guard against 99.9 percent of cybersecurity attacks.

    Azure Active Directory (Azure AD) is a cloud-based identity and access management service. This service helps your employees access external resources, such as Microsoft 365, the Azure portal, and thousands of other SaaS applications. Azure Active Directory also helps them access internal resources like apps on your corporate intranet network, along with any cloud apps developed for your own organization.

    Azure AD is intended for:

    • IT admins: As an IT admin, use Azure AD to control access to your apps and your app resources, based on your business requirements. For example, you can use Azure AD to require multi-factor authentication when accessing important organizational resources. You can also use Azure AD to automate user provisioning between your existing Windows Server AD and your cloud apps, including Microsoft 365. Finally, Azure AD gives you powerful tools to automatically help protect user identities and credentials and to meet your access governance requirements.
    • App developers: As an app developer, you can use Azure AD as a standards-based approach for adding single sign-on (SSO) to your app, allowing it to work with a user's pre-existing credentials. Azure AD also provides APIs that can help you build personalized app experiences using existing organizational data. 
    • Microsoft 365, Office 365, Azure, or Dynamics CRM Online subscribers: As a subscriber, you're already using Azure AD. Each Microsoft 365, Office 365, Azure, and Dynamics CRM Online tenant is automatically an Azure AD tenant. You can immediately start to manage access to your integrated cloud apps.
    Learn more about Amazon Cognito
    Learn more about Azure Active Directory (Azure AD)
    Sample Customers
    Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
    Azure Active Directory is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak,, and more.
    Top Industries
    Comms Service Provider23%
    Computer Software Company19%
    Financial Services Firm6%
    Financial Services Firm15%
    Computer Software Company13%
    Manufacturing Company10%
    Energy/Utilities Company6%
    Computer Software Company20%
    Financial Services Firm12%
    Comms Service Provider9%
    Company Size
    Small Business23%
    Midsize Enterprise14%
    Large Enterprise63%
    Small Business32%
    Midsize Enterprise14%
    Large Enterprise54%
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    Buyer's Guide
    Amazon Cognito vs. Azure Active Directory (Azure AD)
    January 2023
    Find out what your peers are saying about Amazon Cognito vs. Azure Active Directory (Azure AD) and other solutions. Updated: January 2023.
    672,411 professionals have used our research since 2012.

    Amazon Cognito is ranked 6th in Access Management with 6 reviews while Azure Active Directory (Azure AD) is ranked 1st in Access Management with 101 reviews. Amazon Cognito is rated 7.0, while Azure Active Directory (Azure AD) is rated 8.8. The top reviewer of Amazon Cognito writes "Good integration with AWS services but not feasible for B2C because MFAs are nonexistent". On the other hand, the top reviewer of Azure Active Directory (Azure AD) writes "With multi-factor authentication, we've seen a marked decrease in the number of threats we've seen come through". Amazon Cognito is most compared with Auth0, Okta Workforce Identity, WSO2 Identity Server, ForgeRock and F5 BIG-IP Access Policy Manager (APM), whereas Azure Active Directory (Azure AD) is most compared with Google Cloud Identity, Auth0, CyberArk Privileged Access Manager, PingFederate and ForgeRock. See our Amazon Cognito vs. Azure Active Directory (Azure AD) report.

    See our list of best Access Management vendors.

    We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.