Authentication
Authorization
If someone wants to gain access to the backend services, they must first get authorization from the owner of the resources. This means until you give permission for your user to access the resources, they will not be able to do so.
User Management
AWS Cognito allows you to manage the data of your users through an SDK. This user’s data can be email, phone number, or their first and last name. ..
User Pools
User pools let you have access to the profiles of the users who are currently logged into your website or application. This can be helpful if you want to see what users are doing on your site or if you need to contact them. ..
Features Of The User Pool
Customized authentication flow service is the flow that you can get through AWS lambda. The user pool directly doesn’t allow this, so you get it through AWS lambda. For example, before logging in to your application, instead of entering a password, the user gets an OTP. So, in this case, they just have to fill in their email or phone number to get access to your website/application. This is passwordless authentication. ..
User Directory And Profile Management
With user directory and profile management, you can see and access the profiles of every user in the user pool. Fine-grained access control with groups makes it easy for you to give access to your users according to priority.
Your website’s users can be divided into two groups: those who have learned the basics and those who want to learn more.
Group B students are more likely to have lower GPAs than Group A students. This is likely due to the fact that Group B students are more likely to come from low-income families. ..
Now, you can decide the extent of access for each group. Say group A are admin users. You give them full access to edit, upload, and create videos or content on your website. But for group B, who are students, you restrict access to reading or viewing only.
You can grant different levels of access to people who subscribe to different plans in your mobile application. For example, subscribers to the basic plan get limited access. On the other hand, subscribers of the advanced plan get full access to the features of your application.
Server-Server Authority
User Migration Service
This feature helps in contacting one service to another. It allows for the user pool to remember user devices and 2FA/MA, phone and email verification. This includes security features like multi-factor authentication, remembering the devices of users, and phone or email verification.
You can use the user pool authentication feature to move user directory services from one system to another. This doesn’t require users to reset their passwords, and they can continue using their accounts without having to provide new credentials. When your users get the user pool authentication, they receive tokens that can be traded for credentials that are important for accessing other services. ..
Identity Pools
Integrating social media platforms with user pools can help businesses better target their marketing efforts. ..
Sign-Up And Sign In With The User Pool
Your users can sign up or sign-in using the user pool. Otherwise, they can still use their social media accounts to gain authentication for the Cognito identity pool.
Access For Visitors
Guest users have a special authority to gain access to one or two of the backend services in a secure way. ..
User Data Sync Between Devices
Your user’s identity is unique, even on other devices. As you have access to their user profile, you can change or delete data there. This happens on other devices instantly.
Your users’ identities are synchronized with other devices. Any changes to the identity get upgraded to other devices through push synchronization identity. Role-based access control at the user level. This is the same as assigning access to groups, but instead of the groups, you give access at a user level.
