AWS Cognito - Coggle Diagram
AWS Cognito
Cognito User Pools (CUP)
Integrate with
API Gateway & ALB
natively
can integrate with
AWS Lambda
Auth Events (pre auth, post auth, pre token)
Sign-In (pre-signup, post confirm, migrate)
messages (custom message - i18n)
Token creation (+/- attr in id token)
hosted auth UI
custom CSS, logo
must create ACM cert in us-east-1
in App Integration section
Adaptive Auth
Block sign-in | require MFA if login appears suspicious
integrate with CloudWatch
ALB - Auth users
Identity provider (IdP)
(OpenID connect - OIDC)
Cognito User Pools
Must use HTTPS listener
to set authenticate-oidc &
authenticate-cognito rule
OnUnauthenticatedRequest
authenticate (default), deny, allow
keyword
hundreds of users
mobile users
auth with SAML
Cognito Identity Pools
(access control)
Get identity -> obtain temporary AWS credentials
allow unauthenticated (guest) access
policy variable: partition user access
${cognito-identity.amazonaws.com:sub}
Cognito Identity Pools (FI)
Integrate with Cognito User Pools as
identity provider