Amazon Cognito

AWSSecurityFree tier available

Customer identity and access management service with User Pools for sign-up and sign-in, Identity Pools for federated AWS credentials, social and SAML/OIDC federation, hosted UI, adaptive authentication, and advanced security risk scoring for consumer-scale apps

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore AWS in TreemapExplore security in Honeycomb
DocumentationPricing

Attributes

SLA Uptime
99.9%
Mfa Support
Yes

Sub-services (4)

User Pools

User directory with sign-up, sign-in, MFA, social and SAML/OIDC federation

Identity Pools

Exchange verified identities for temporary AWS credentials for mobile and web apps

Hosted UI

Customisable AWS-managed sign-in and sign-up pages with OAuth 2.0 and OIDC

Advanced Security

Compromised-credentials detection, risk-based adaptive MFA, and anomaly alerts

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

GDPRSOC 2ISO 27001HIPAAPCI DSSFedRAMP

Where this runs

38 regions
27 countries
5sovereign
Sovereign regions (5)
  • AWS GovCloud (US-East) · AshburnAWS GovCloud (US)
  • AWS GovCloud (US-West) · HillsboroAWS GovCloud (US)
  • AWS European Sovereign Cloud (Brandenburg) · BrandenburgAWS European Sovereign Cloud
  • China (Beijing) · BeijingAWS China (Sinnet)
  • China (Ningxia) · YinchuanAWS China (NWCD)
Commercial regions (33)

Europe (8)

  • Europe (Paris)
  • Europe (Frankfurt)
  • Europe (Ireland)
  • Europe (Milan)
  • Europe (Spain)
  • Europe (Stockholm)
  • Europe (Zurich)
  • Europe (London)

North America (7)

  • Canada West (Calgary)
  • Canada (Central)
  • Mexico (Central)
  • US East (N. Virginia)
  • US West (Oregon)
  • US East (Ohio)
  • US West (N. California)

South America (1)

  • South America (São Paulo)

Asia (11)

  • Asia Pacific (Hong Kong)
  • Asia Pacific (Hyderabad)
  • Asia Pacific (Mumbai)
  • Asia Pacific (Jakarta)
  • Asia Pacific (Osaka)
  • Asia Pacific (Tokyo)
  • Asia Pacific (Malaysia)
  • Asia Pacific (Singapore)
  • Asia Pacific (Seoul)
  • Asia Pacific (Taipei)
  • Asia Pacific (Thailand)

Oceania (2)

  • Asia Pacific (Melbourne)
  • Asia Pacific (Sydney)

Middle East (3)

  • Middle East (Bahrain)
  • Israel (Tel Aviv)
  • Middle East (UAE)

Africa (1)

  • Africa (Cape Town)

Tags

identityauthenticationoauthsamloidcciam

Equivalent services on other platforms

Microsoft Entra IDAzure

Cloud identity and access management (formerly Azure AD) with SSO, MFA, conditional access, B2B and B2C guest accounts, and privileged identity management

Cloud IAMGCP

Fine-grained identity and access management with predefined and custom roles, service accounts, workload identity federation, and audit logging

OCI Identity DomainsOracle

Enterprise identity-as-a-service covering workforce and customer identity with federation (SAML, OIDC), social sign-in, MFA, risk-based adaptive authentication, and delegated administration — the rebranded OCI IAM Identity Cloud Service

Pricing

Pricing model:pay-per-mau