Amazon Cognito – A Beginner’s Overview

Introduction

This is Pooja from the Alliance department. This blog summarizes Amazon Cognito.

About Amazon Cognito

  • It's an AWS service that provides authentication and authorization features.
  • On the whole, Cognito provides sign-in, registration, and access control.
  • Cognito is highly available and scalable.
  • Identity providers that use OAuth 2.0, OIDC (OpenID Connect), or SAML (Security Assertion Markup Language) are supported by Cognito.
  • Cognito keeps a directory of users, secures your APIs, and provides temporary access to AWS resources.

Core Concepts

There are primarily two concepts related to Cognito:

  • User Pools: A user pool is a user directory in Amazon Cognito. With a user pool, users can sign in to a web or mobile application through Cognito. Users are given the option to sign in through third-party accounts such as Facebook, Amazon, or Apple. All members of the user pool have a directory profile that can be accessed through an SDK (Software Development Kit), regardless of whether they signed in directly or indirectly through a third party. User pools are closely related to authentication.

  • Identity Pools: Also known as Federated Identities, identity pools let you create unique identities for your users and federate them with identity providers. Identity pools provide temporary, limited-privilege AWS credentials for accessing other AWS services. Identity pools are closely associated with authorization.

Working on Amazon Cognito

To create an Amazon Cognito user pool, you can follow these steps:
1. Go to the AWS Management Console (https://console.aws.amazon.com/).
2. Sign in to your AWS account or create a new account if you don't have one.
3. Search for "Cognito" in the search bar at the top of the AWS Management Console, and click on "Amazon Cognito" from the search results.
4. In the Amazon Cognito dashboard, click on "Manage User Pools."
5. Click on the "Create a user pool" button.
6. Provide a name for your user pool and configure the desired settings. This includes options such as password requirements, multi-factor authentication, user attributes, and more. Customize these settings according to your application's requirements.
7. Once you have configured the necessary settings, click on the "Review defaults" button to review the default configurations.
8. Click on the "Create pool" button to create your user pool.
9. After the user pool is created, you can further configure features like app clients, domain names, triggers, and more, based on your requirements.
10. Take note of the "Pool Id" and "App client id" values.
With these steps, you have successfully created an Amazon Cognito user pool. You can now use the provided pool id and app client id in your application code to integrate user authentication and management using Amazon Cognito.
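
As an added example (not from the original post or from AWS), the Python code below shows where the two noted values end up in application code: checking the claims of a Cognito-issued token against the Pool Id and App client id. It assumes the token's signature has already been verified against the keys the pool publishes; the function names and sample identifiers are constructed for illustration.

```python
import time

def cognito_issuer(pool_id):
    """Issuer URL of a user pool; the region is the part of the Pool Id before '_'."""
    region, sep, suffix = pool_id.partition("_")
    if not (region and sep and suffix):
        raise ValueError(f"not a user pool id: {pool_id!r}")
    return f"https://cognito-idp.{region}.amazonaws.com/{pool_id}"

def jwks_url(pool_id):
    """Where the pool publishes the public keys used to verify token signatures."""
    return cognito_issuer(pool_id) + "/.well-known/jwks.json"

def check_claims(claims, pool_id, app_client_id, token_use, now=None):
    """Return the reasons to reject a token; an empty list means the claims pass.

    `claims` must come from a token whose signature was ALREADY verified
    against the keys at jwks_url(pool_id); this function does not do that.
    """
    if token_use not in ("id", "access"):
        raise ValueError("token_use must be 'id' or 'access'")
    now = time.time() if now is None else now
    problems = []
    if claims.get("iss") != cognito_issuer(pool_id):
        problems.append("iss is not this user pool")
    if claims.get("token_use") != token_use:
        problems.append(f"token_use is not {token_use!r}")
    # ID tokens carry the app client id in `aud`; access tokens in `client_id`.
    client_claim = "aud" if token_use == "id" else "client_id"
    if claims.get(client_claim) != app_client_id:
        problems.append(f"{client_claim} is not this app client")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("token is expired or has no exp")
    return problems

# Constructed sample values (placeholders, not real identifiers).
POOL_ID, CLIENT_ID, NOW = "us-east-1_EXAMPLE", "exampleclientid", 1_700_000_000
GOOD_ID = {"iss": cognito_issuer(POOL_ID), "aud": CLIENT_ID,
           "token_use": "id", "exp": NOW + 3600}
OTHER_POOL = dict(GOOD_ID, iss=cognito_issuer("us-east-1_OTHERPOOL"))
ACCESS = {"iss": cognito_issuer(POOL_ID), "client_id": CLIENT_ID,
          "token_use": "access", "exp": NOW + 3600}

if __name__ == "__main__":
    for name, claims in [("good id", GOOD_ID), ("other pool", OTHER_POOL),
                         ("access sent as id", ACCESS)]:
        print(name, "->", check_claims(claims, POOL_ID, CLIENT_ID, "id", NOW))
```

A token from a different user pool or app client fails these checks even when its signature is valid, which is why both values are needed in the application.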

 

Conclusion

In conclusion, Amazon Cognito is a powerful and versatile service offered by AWS that simplifies user authentication and authorization in applications. It provides a comprehensive set of features for user management, authentication, identity federation, and fine-grained access control.

Here's hoping that this blog was helpful. Thank you for your time.

Happy Learning!!!