We performed a comparison between Amazon Cognito and Microsoft Entra ID based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This is a scalable solution. If our app or general usage increases, this solution can support it."
"The solution is proto connective and integrates well with other AWS services."
"The federation is one of the most efficient features as the pricing is competitive."
"Cognito speeds up our development and saves us time."
"The most valuable features of Amazon Cognito are OTP validation and email validation."
"One of the key benefits of this software is its ease of integration with a wide range of applications, including mobile apps and web applications. This simplifies the process of integration, and it can be seamlessly incorporated with Azure, Kubernetes, and other software systems."
"The most valuable features of Amazon Cognito are the pre and post-token generation, and the different Cognito triggers. It has lots of functionality and flexibility."
"They offer a permission tool to help us manage multi-factor authentication."
"The most valuable feature is that it is very easy to implement, you don't need a lot of effort to set up the solution. This is the most advantageous point, that you can do anything on Azure without taking too much time."
"Very stable and scalable IAM service with good SSO and authentication features."
"My two preferred features are conditional access and privileged identity management."
"We use BitLocker for policy enforcement. And now, because of the Microsoft 365 Business Premium package, we get Intune as a part of it. That's very useful for us for setting policies and managing the systems. The biggest strength of Azure AD is Intune."
"The most valuable feature is the ease of scalability."
"The self-password reset if it's enabled and configured properly, really helps a company be able to reset rather than getting IT involved."
"Privileged Identity Management (PIM), managed identities, dynamic groups, and extension and security attributes are all great features."
"Azure Active Directory provides access to resources in a very secure manner. We can detect which user is logging in to access resources on the cloud. It gives us a comprehensive audit trace in terms of from where a user signed in and whether a sign-in is a risky sign-in or a normal sign-in. So, there is a lot of security around the access to resources, which helps us in realizing that a particular sign-in is not a normal sign-in. If a sign-in is not normal, Azure Active Directory automatically blocks it for us and sends us an email, and unless we allow that user, he or she won't be able to log in. So, the User Identity Protection feature is the most liked feature for me in Azure Active Directory."
"The ease and simplicity of integration could be improved when using this solution. When using Okta, scope is a single endpoint with a parameter as a scope. In the Cognito for each scope, there is a separate endpoint."
"The secure authentication of Amazon Cognito has benefited our company. We were previously using legacy signup systems."
"The MFA related to the solution's side is nonexistent."
"I believe this product could improve by enriching user profiles."
"In a future release, we would like to have different methods to validate the characteristic of a user. For example, we would like to use biometric data to analyze the behavior of users."
"Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful."
"Amazon Cognito could improve by simplifying the configuration."
"Amazon Cognito’s UI needs improvement while onboarding new users."
"I want better integration between Azure AD and the on-prem environment because there are currently limitations that can hamper employee experience. We use a feature called password writeback, that can be challenging to implement in a hybrid environment. Employees can change their passwords using a self-service password reset (SSPR) feature, which reflects from the cloud to the on-prem identity, but not the other way around. Currently, there is no way to reflect passwords from on-prem identities to the cloud."
"Azure AD needs to be more in sync. The synchronization can be time-consuming."
"Microsoft needs to add a single setup, so whenever resources join the company or are leaving the company, all of the changes can be made with a single click."
"I want to see more features to improve security, such as integrated user behavior analysis."
"If Microsoft can give us a way to see where this product is running, from a backend perspective, then it would be great."
"Some systems do not integrate very well with Azure AD. We thought of going for Okta, but later on we were able to achieve it, but not the way we wanted. It was not as easy as we thought it would be. The integration was not very seamless."
"If somebody is using an IdP or an identity solution other than Active Directory, that's where you have to start jumping through some hoops... I don't think the solution is quite as third-party-centric as Okta or Auth0."
"Active Directory could always be more secure. Right now, we've got two-factor authentications. All services based on Active Directory have a username and password. If somebody hacked our username, they could easily get all the data from our side. So I want two-factor authentication and a stronger password policy from Active Directory. The domain controllers should be more secure as well."
Amazon Cognito is ranked 5th in Access Management with 8 reviews while Microsoft Entra ID is ranked 1st in Access Management with 190 reviews. Amazon Cognito is rated 7.6, while Microsoft Entra ID is rated 8.6. The top reviewer of Amazon Cognito writes "Good integration with AWS services but not feasible for B2C because MFAs are nonexistent". On the other hand, the top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". Amazon Cognito is most compared with Auth0, Cloudflare Access, Okta Workforce Identity, ForgeRock and CyberArk Privileged Access Manager, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Yubico YubiKey and Cisco Duo. See our Amazon Cognito vs. Microsoft Entra ID report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.