We performed a comparison between Amazon Cognito and Azure Active Directory (Azure AD) based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This is a scalable solution. If our app or general usage increases, this solution can support it."
"The most valuable features of Amazon Cognito are OTP validation and email validation."
"Cognito speeds up our development and saves us time."
"The solution is proto connective and integrates well with other AWS services."
"The federation is one of the most efficient features as the pricing is competitive."
"The most valuable features of Amazon Cognito are the pre and post-token generation, and the different Cognito triggers. It has lots of functionality and flexibility."
"Azure is the leading market solution because of its history, features, and maturity."
"For some applications, it's not only working for authentication but it's also being used to apply roles for users. From the management perspective, it's much better to have this because in the past we constantly needed to go into the console of the different solutions and create or delete users or modify their roles and permissions. Now, with Azure Active Directory, we can do that from a single point. That makes our management model much easier."
"Two very important features in terms of security are governance and compliance through the Conditional Access policies and Azure Log Analytics."
"The user functionality enables us to provide different levels of access, across many applications, for each user. We can customize the access level and set a security level in connection with that access. For instance, we can require MFA. That is a feature that helps enhance our security posture a lot."
"The portal version of the Azure active directory is pretty robust."
"If you want to replicate a website at the frontend in Azure, it's very easy to do it globally."
"It has made our work easier in that it’s simplified everything for us."
"It's something we have to deal with every day. It is present. If you're in a domain environment, you'll need it to log in. If you work in a Microsoft-centric environment, you can't avoid it."
"The secure authentication of Amazon Cognito has benefited our company. We were previously using legacy signup systems."
"I believe this product could improve by enriching user profiles."
"In a future release, we would like to have different methods to validate the characteristic of a user. For example, we would like to use biometric data to analyze the behavior of users."
"The MFA related to the solution's side is nonexistent."
"The ease and simplicity of integration could be improved when using this solution. When using Okta, scope is a single endpoint with a parameter as a scope. In the Cognito for each scope, there is a separate endpoint."
"Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful."
"I want better integration between Azure AD and the on-prem environment because there are currently limitations that can hamper employee experience. We use a feature called password writeback, that can be challenging to implement in a hybrid environment. Employees can change their passwords using a self-service password reset (SSPR) feature, which reflects from the cloud to the on-prem identity, but not the other way around. Currently, there is no way to reflect passwords from on-prem identities to the cloud."
"Everything should be in one package. There are so many different packages. They need to provide guidance because there are so many features and we don't know how to implement them in our organization."
"Something that can be improved is their user interface"
"The solution was difficult to scale because the group's configuration was complex. I would rate the scalability level of Azure Active Directory a five out of ten."
"One area where it can improve is connectivity with other systems. Not all systems are connected and you have to do coding to establish a point of connectivity. It supports certain vendors and it supports certain protocols. It is limited in many other aspects at the attribute level."
"In terms of stability, sometimes the more applications you integrate, the more it becomes a little bit unstable."
"There is no documentation about how Microsoft will scale Azure AD for customers. It only mentions that it will scale out if you have a lot of requests but does not mention how in detail."
"Compared to what we can do on-prem, Azure AD lacks a feature for multiple hierarchical groups. For example, Group A is part of group B. Group B is part of group C. Then, if I put someone into group A, which is part of already B, they get access to any system that group B has access to, and that provisioning is automatically there."
More Azure Active Directory (Azure AD) Pricing and Cost Advice →
Amazon Cognito is ranked 6th in Access Management with 6 reviews while Azure Active Directory (Azure AD) is ranked 1st in Access Management with 101 reviews. Amazon Cognito is rated 7.0, while Azure Active Directory (Azure AD) is rated 8.8. The top reviewer of Amazon Cognito writes "Good integration with AWS services but not feasible for B2C because MFAs are nonexistent". On the other hand, the top reviewer of Azure Active Directory (Azure AD) writes "With multi-factor authentication, we've seen a marked decrease in the number of threats we've seen come through". Amazon Cognito is most compared with Auth0, Okta Workforce Identity, WSO2 Identity Server, ForgeRock and F5 BIG-IP Access Policy Manager (APM), whereas Azure Active Directory (Azure AD) is most compared with Google Cloud Identity, Auth0, CyberArk Privileged Access Manager, PingFederate and ForgeRock. See our Amazon Cognito vs. Azure Active Directory (Azure AD) report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.