Amazon Cognito: The Complete Introduction (2019)

Application security in AWS with Cognito service which provides identity, authentication and access control features.

Implementing security for your application is not easy, starting with managing username and password in a database it quickly gets complicated with authentication flows, access control and token management. Amazon Cognito provides a simple and secure way to add authentication and access control to your application. Amazon Cognito is a serverless service and scales to millions of users without any further configuration. Amazon Cognito supports sign-in with social identity providers like Facebook, Google, and Amazon and enterprise identity providers via SAML 2.0.

What you’ll learn

  • Understand Amazon Cognito core features and its main components: User pool and Identity pool.
  • Utilize Cognito user pool’s hosted UI for sign-up, sign-in, forgot password, change password, email/phone verification and other flows.
  • Implement federation or single-sign-on feature for your application with social identities like Facebook.
  • Use role-based authorization to access AWS services directly from the mobile or web application.
  • Secure API Gateway API by only allowing authorized users to invoke the API.
  • Common usage scenario for Amazon Cognito user pool and identity pool.

Course Content

  • Overview –> 4 lectures • 9min.
  • User Pool –> 10 lectures • 54min.
  • Identity Pool –> 5 lectures • 27min.
  • Wrap Up –> 3 lectures • 3min.

Amazon Cognito: The Complete Introduction (2019)

Requirements

  • Basic understanding of AWS.
  • Basic programming skills to follow labs.
  • High level understanding of basic security concepts like authentication, authorization and identity.

Implementing security for your application is not easy, starting with managing username and password in a database it quickly gets complicated with authentication flows, access control and token management. Amazon Cognito provides a simple and secure way to add authentication and access control to your application. Amazon Cognito is a serverless service and scales to millions of users without any further configuration. Amazon Cognito supports sign-in with social identity providers like Facebook, Google, and Amazon and enterprise identity providers via SAML 2.0.

 

Some of the core features of Amazon Cognito are:

  • Secure and scalable user directory
  • Identity federation with social and enterprise identity providers
  • Access control for AWS resources
  • Easy integration with SDK and built-in UI

 

This course is a technical hands-on course to use Amazon Cognito for securing your application. The primary objectives of this course are:

  • Understand the importance of identity, authentication and authorization
  • Understand Amazon Cognito’s core features
  • Detailed look at tokens and token management
  • Add single-sign-on feature to our application
  • Secure API gateway API using Cognito user pool authorizer
  • Understand and implement Amazon Cognito identity pool to securely access AWS services or other backend resources directly from application
  • Implement identity pool with user pool and other identity providers like Facebook, Amazon, etc.
  • Common usage scenario for user pool and identity pool

 

All the source code for the lab exercises is attached to the first section and individual lab lecture.