2 min Security

AWS introduces updates to Amazon Cognito

AWS introduces updates to Amazon Cognito

New features have been added to Amazon Web Services’ (AWS) identity and access management platform to help developers implement secure, scalable and customizable authentication solutions for their applications.

Amazon Web Services announces updates to Amazon Cognito. This reports Dark Reading. Cognito is the identity and access management service for Web and mobile applications. With this service, developers can achieve secure machine-to-machine authentication and enable role-based access to AWS resources. They can also create login and registration experiences within applications.

Passwordless login

Cognito now supports passwordless login with managed login, which allows users to integrate passwordless authentication methods. These include passkeys, one-time passwords via email, and one-time passwords via SMS.

The new features include a developer-focused console experience that simplifies onboarding. This is done through a wizard, and recommendations are made based on specific usage scenarios. It allows developers to configure their login options and follow the instructions provided by the system to create the application’s login and registration screens.

Detailed instructions

According to the blog post announcing the updates, Amazon Cognito automatically creates a new user pool and a user directory for authentication and authorization. It also supports key application frameworks and provides detailed instructions for integration using standard OpenID Connect (OIDC) and OAuth open-source libraries.

AWS has updated Cognito’s pricing structure and introduced new user pool functionality levels: Lite, Essentials, and Plus. New user pools are created at the Essentials level by default, and users can switch between levels depending on their needs.

Different levels

The Lite level includes user registration, password-based authentication, and integration with social identity providers. The Essentials level provides more comprehensive authentication and access control features, including managed login, passwordless capabilities, and enhanced security options. The Plus level offers even more security features, such as threat protection against suspicious login attempts and detection of compromised login credentials.

Pricing is based on the number of monthly active users. The Essentials and Plus levels are available in all AWS regions where Cognito is available, except the AWS GovCloud (US) regions.