Add user sign-in and secure access to AWS for your apps
Amazon Cognito lets you easily add user sign-in to your mobile and web apps. With Amazon Cognito, you also have the options to authenticate users through social identity providers such as Amazon, with SAML identity solutions (such as Microsoft ADFS), or by using your own identity system.
With Amazon Cognito, you can focus on creating great app experiences instead of worrying about building, securing, and scaling a solution to handle user authentication.
Federate identities and provide secure access to AWS resources
Cognito Identity allows you to easily federate identities so that your users can sign-in through social identity providers such as Amazon or using your own identity solution. You can also let your users sign-in through identity providers that support Security Assertion Markup Language (SAML) such as Microsoft ADFS. When you use Amazon Cognito, your app is provided with temporary, limited-privilege credentials that it can use to access AWS resources. You can set granular access permissions on your AWS resources, for example, you can limit access to a folder within an S3 bucket to a particular app user, or enable unauthenticated users to access a restricted set of resources. This means your app can access the resources it needs and that you can follow security best practices by not hardcoding credentials in your app. To learn more, visit our docs.