Services or capabilities described in this page might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China Regions. Only “Region Availability” and “Feature Availability and Implementation Differences” sections for specific services (in each case exclusive of content referenced via hyperlink) in Getting Started with Amazon Web Services in China Regions form part of the Documentation under the agreement between you and Sinnet or NWCD governing your use of services of Amazon Web Services China (Beijing) Region or Amazon Web Services China (Ningxia) Region (the “Agreement”). Any other content contained in the Getting Started pages does not form any part of the Agreement.

Amazon Cognito Documentation

Amazon Cognito is designed to let you add user sign-up, sign-in, and access control to your web and mobile apps. Amazon Cognito scales to millions of users and supports sign-in with social identity providers and enterprise identity providers.

An identity store for all your apps and users

Amazon Cognito User Pools provide a secure identity store that can be set up without provisioning any infrastructure. User Pools store user profiles and support authentication for users who sign up directly and for federated users who sign in with social and enterprise identity providers.

Built-in customizable user interface to sign in users

Amazon Cognito provides a built-in and customizable user interface for user sign-up and sign-in.

Advanced security features to protect your users

Using advanced security features for Amazon Cognito may help you protect access to user accounts in your applications. These advanced security features provide risk-based adaptive authentication and protection from the use of compromised credentials.

Social and enterprise identity federation

Amazon Cognito is designed to enable your users to sign-in through social identity providers and through enterprise identity providers.

Access control for Amazon Web Services resources

Amazon Cognito provides solutions to control access to Amazon Web Services resources from your app. You can define roles and map users to different roles so your app can access only the resources that are authorized for each user. Alternatively, you can use attributes from identity providers in Amazon Identity and Access Management permission policies, so you can control access to resources to users who meet specific attribute conditions.

Standards-based authentication

Amazon Cognito uses common identity management standards.

Adaptive authentication

Using advanced security features for Amazon Cognito to add adaptive authentication to your applications may help protect your applications’ user accounts and user experience. When Amazon Cognito detects unusual sign-in activity, such as sign-in attempts from new locations and devices, it assigns a risk score to the activity and lets you choose to either prompt users for additional verification or block the sign-in request. Users can verify their identities using SMS or a Time-based One-time Password (TOTP) generator.

Protection from compromised credentials

Advanced security features for Amazon Cognito are designed to help protect your application users from unauthorized access to their accounts using compromised credentials. When Amazon Cognito detects users have entered credentials that have been compromised elsewhere, it prompts them to change their password.

Additional Information

For additional information about service controls, security features and functionalities, including, as applicable, information about storing, retrieving, modifying, restricting, and deleting data, please see https://docs.amazonaws.cn/en_us. This additional information does not form part of the Documentation for purposes of the Sinnet Customer Agreement for Amazon Web Services (Beijing Region), Western Cloud Data Customer Agreement for Amazon Web Services (Ningxia Region) or other agreement between you and Sinnet or NWCD governing your use of services of Amazon Web Services China Regions.