• An Amazon Cognito user pool is a user directory for web and mobile app authentication and authorization.
  • From the perspective of your app, an Amazon Cognito user pool is an OpenID Connect (OIDC) identity provider (IdP).
  • A user pool adds layers of features for security, identity federation, app integration, and user experience customization.
    • You can, for example, verify that your users’ sessions are from trusted sources.
    • You can combine the Amazon Cognito directory with an external identity provider.
  • With your preferred AWS SDK, you can choose the best API authorization model for your app.
  • You can add AWS Lambda functions that modify or overhaul the default behavior of Amazon Cognito.
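
Because the user pool acts as an OIDC IdP, an app that receives its tokens has to check their claims. The sketch below is an added example, not AWS or page code: the region, pool ID and app client ID are constructed placeholders, and it assumes the token's signature was already verified against the pool's JWKS (published under the issuer URL at `/.well-known/jwks.json`).

```python
import base64
import json
import time

# Constructed placeholder values (assumptions, not from the page).
REGION = "us-east-1"
USER_POOL_ID = "us-east-1_EXAMPLE"
APP_CLIENT_ID = "exampleclientid123"
# Issuer format a user pool uses in the iss claim.
ISSUER = f"https://cognito-idp.{REGION}.amazonaws.com/{USER_POOL_ID}"


def unverified_claims(token):
    """Decode the JWT payload. This does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    payload = parts[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))


def check_claims(claims, expected_use, now=None):
    """Return the names of failing claims; an empty list means acceptable."""
    now = time.time() if now is None else now
    problems = []
    if claims.get("iss") != ISSUER:
        problems.append("iss")  # token minted by a different pool or IdP
    if claims.get("token_use") != expected_use:
        problems.append("token_use")  # e.g. ID token sent where access is expected
    # ID tokens name the app client in aud, access tokens in client_id.
    client_claim = "aud" if expected_use == "id" else "client_id"
    if claims.get(client_claim) != APP_CLIENT_ID:
        problems.append(client_claim)
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("exp")
    return problems


def make_sample_token(claims):
    """Build a constructed sample token with a dummy signature, for the demo only."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'kid': 'sample'})}.{enc(claims)}.c2ln"


if __name__ == "__main__":
    sample = {"iss": ISSUER, "token_use": "id", "aud": APP_CLIENT_ID, "exp": time.time() + 300}
    print(check_claims(unverified_claims(make_sample_token(sample)), "id"))
```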