Significant Enhancements to Amazon Cognito: A Comprehensive Guide
Amazon Cognito, a service introduced by Amazon Web Services (AWS) a decade ago, plays a crucial role in managing customer identity and access in web and mobile applications. The service supports a variety of use cases, from simplifying sign-in and sign-up for users to securing machine-to-machine authentication and enabling role-based access to AWS resources. Amazon recently announced a series of updates to Amazon Cognito that enhance its flexibility, security, and user experience, making it a more powerful tool for developers.
A New Developer-Focused Console Experience
The latest updates to Amazon Cognito include a new streamlined console experience that focuses on developers. This new interface is designed to help developers quickly get started by using a wizard and recommendations that are specific to their use case. This approach allows developers to configure their applications more efficiently and reach their end users faster.
To begin using the new Amazon Cognito flow, follow these steps:
- Choose the type of application you want to build.
- Configure the sign-in options according to your application’s needs.
- Integrate the sign-in and sign-up pages with your application by following the provided instructions.
Once these steps are completed, you can select "Create" to set up your application. Amazon Cognito will automatically create your application and a new user pool, which serves as a user directory for authentication and authorization. You can then review your sign-in page or use the example code provided to integrate it into your application. Amazon Cognito supports major application frameworks and provides detailed integration instructions using standard OpenID Connect (OIDC) and OAuth libraries.
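As an added example (not the sample code the console generates, and not AWS's own code), the sketch below shows the two security-relevant steps of an OIDC authorization-code sign-in against a user pool domain: sending a PKCE challenge and a random state to the /oauth2/authorize endpoint, then checking the state on the callback before the code is exchanged at /oauth2/token. The domain, client ID and redirect URI are placeholders, and the function names are hypothetical.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Placeholders (assumptions, not values from the article).
DOMAIN = "https://example-prefix.auth.us-east-1.amazoncognito.com"
CLIENT_ID = "EXAMPLE_CLIENT_ID"
REDIRECT_URI = "https://app.example.com/callback"

def _b64url(raw: bytes) -> str:
    # URL-safe base64 without padding, as PKCE (RFC 7636) requires.
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def new_login_request(scopes=("openid", "email")):
    """Return (authorize_url, session); keep session server-side, per user."""
    verifier = _b64url(secrets.token_bytes(32))  # 43-character code_verifier
    challenge = _b64url(hashlib.sha256(verifier.encode("ascii")).digest())
    state = _b64url(secrets.token_bytes(16))     # binds the callback to this session
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": " ".join(scopes),
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    })
    session = {"state": state, "code_verifier": verifier}
    return f"{DOMAIN}/oauth2/authorize?{query}", session

def token_request_from_callback(callback_url: str, session: dict) -> dict:
    """Validate the redirect and build the form body for POST /oauth2/token."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    returned = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the callback is not ours.
    if not hmac.compare_digest(returned.encode(), session["state"].encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    code = params.get("code", [""])[0]
    if not code:
        raise ValueError("callback carries no authorization code")
    return {
        "grant_type": "authorization_code",
        "client_id": CLIENT_ID,
        "code": code,
        "redirect_uri": REDIRECT_URI,
        "code_verifier": session["code_verifier"],  # proves we started the flow
    }
```

A maintained OIDC library performs these steps for you; the point here is what to confirm it is doing, namely that S256 PKCE is on and that a callback with an unknown state is rejected.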
The new overview dashboard for your application includes important information in the "Details" section and offers a set of recommendations to help guide your development process.
Introducing Managed Login
One of the most significant enhancements to Amazon Cognito is the introduction of Managed Login. This feature allows developers to create highly customized sign-up and sign-in experiences that seamlessly integrate with their company’s applications. Managed Login takes care of availability, scaling, and security, ensuring that your application remains secure and up-to-date with the latest features and security patches without requiring further code changes.
To use Managed Login, you need to assign a domain to your application. You can choose a randomly generated sub-domain of the Amazon Cognito domain or use a custom domain to provide a familiar domain name for your users. After setting up the domain, you can select your preferred branding version: Managed Login or the classic Hosted UI.
For existing Amazon Cognito users familiar with the classic Hosted UI, Managed Login is an improved version. It offers a new collection of web interfaces for sign-up, sign-in, multi-factor authentication, and password-reset activities, with built-in responsiveness for various screen sizes.
The branding designer, a no-code visual editor, allows developers to customize the look and feel of the user journey, from sign-up and sign-in to password recovery and multi-factor authentication. The branding designer provides a real-time preview and convenient shortcuts to view screens in different sizes and display modes before launching the application.
Passwordless Login Support
Managed Login also supports passwordless authentication methods, including signing in with passkeys, email one-time passwords (OTP), and SMS OTP. Passkey support allows users to authenticate using cryptographic keys stored securely on their devices, offering enhanced security compared to traditional passwords. This feature helps developers implement secure, low-friction authentication without needing a deep understanding of WebAuthn protocols.
By reducing the friction associated with traditional password-based sign-ins, passwordless login simplifies application access for users while maintaining high security standards.
New Pricing Tiers: Lite, Essentials, and Plus
Amazon Cognito has introduced new user pool feature tiers: Lite, Essentials, and Plus. These tiers cater to different customer needs and use cases. The Essentials tier is the default for new user pools created by customers. This tier structure allows developers to choose the most suitable option based on their application requirements, with the flexibility to switch between tiers as needed.
To check your current tier, visit your application dashboard and select "Feature plan" or go to "Settings" in the navigation menu. This page provides detailed information about each tier and the option to upgrade or downgrade your plan.
Here is a quick overview of each tier:
- Lite Tier: Includes existing features such as user registration, password-based authentication, and social identity provider integration, packaged together for existing Amazon Cognito users.
- Essentials Tier: Offers comprehensive authentication and access control features, enabling secure, scalable, and customized sign-up and sign-in experiences. It includes all Lite capabilities and supports Managed Login and passwordless login options using passkeys, email, or SMS. The Essentials tier also allows customizing access tokens and disallowing password reuse.
- Plus Tier: Builds upon the Essentials tier, focusing on elevated security needs. It includes all Essentials features plus threat protection against suspicious login activity, detection of compromised credentials, risk-based adaptive authentication, and user authentication event logs for threat analysis.
Pricing for these tiers is based on monthly active users. Customers using Amazon Cognito’s advanced security features might find the Plus tier beneficial, as it includes all advanced security capabilities and offers significant savings.
Important Information to Note
- Availability: The Essentials and Plus tiers are available in all AWS regions where Amazon Cognito is available, except AWS GovCloud (US) regions.
- Free Tier: Customers on the Lite and Essentials tiers can enjoy a free tier each month that does not automatically expire. This offer is available to all existing and new AWS customers indefinitely.
- Extended Pricing Benefit: Customers with existing accounts without advanced security features (ASF) are eligible to upgrade their user pools to Essentials and pay the same price as Cognito user pools until November 30, 2025, provided they meet specific criteria.
These updates to Amazon Cognito empower developers to implement secure, scalable, and customizable authentication solutions for their applications. For more detailed information, visit the Amazon Cognito documentation.
Happy building!