
Explore how Amazon Cognito delivers authentication, authorization, and user management via user pools, social logins, and Lambda triggers, then provides temporary AWS credentials for secure serverless apps.
Describe how a Cognito user pool acts as a directory for app users, enabling sign up and sign in, and multifactor authentication workflows, verifications, lambda triggers, and social sign in.
Use the Cognito hosted user interface to manage sign up, sign in, and password flows with app client and domain. Authenticate to obtain tokens and learn code and implicit grant.
Discover how to customize Amazon Cognito flows with lambda triggers across sign-up, authentication, and migration, including pre sign-up, custom message, post confirmation, pre authentication, and pre token generation.
Explore federation in Amazon Cognito, enabling single sign-on with Facebook, Google, and other identity providers; learn how Cognito mediates tokens and maps attributes to user profiles.
Authenticate with Facebook via the Facebook SDK, obtain tokens, and exchange them for temporary Cognito credentials from an identity pool; use these to add items to DynamoDB without API Gateway.
Explore the common usage scenarios for Amazon Cognito, including identity pools with api gateway authorizers and token validation, user pools with customer validation, and obtaining credentials from identity pools.
Implementing security for your application is not easy, starting with managing username and password in a database it quickly gets complicated with authentication flows, access control and token management. Amazon Cognito provides a simple and secure way to add authentication and access control to your application. Amazon Cognito is a serverless service and scales to millions of users without any further configuration. Amazon Cognito supports sign-in with social identity providers like Facebook, Google, and Amazon and enterprise identity providers via SAML 2.0.
Some of the core features of Amazon Cognito are:
Secure and scalable user directory
Identity federation with social and enterprise identity providers
Access control for AWS resources
Easy integration with SDK and built-in UI
This course is a technical hands-on course to use Amazon Cognito for securing your application. The primary objectives of this course are:
Understand the importance of identity, authentication and authorization
Understand Amazon Cognito's core features
Detailed look at tokens and token management
Add single-sign-on feature to our application
Secure API gateway API using Cognito user pool authorizer
Understand and implement Amazon Cognito identity pool to securely access AWS services or other backend resources directly from application
Implement identity pool with user pool and other identity providers like Facebook, Amazon, etc.
Common usage scenario for user pool and identity pool
All the source code for the lab exercises is attached to the first section and individual lab lecture.