AWS Developer Associate Introduction AWS SDKs and CLI Deep Dive AWS SAM Serverless Application Model API Gateway REST HTTP APIs AWS Lambda Advanced Patterns DynamoDB Developer Patterns AWS CI/CD CodePipeline CodeBuild Amazon Cognito Authentication AWS Step Functions Orchestration EventBridge Developer Patterns Amazon ECR Container Registry ECS Fargate Container Deployment AWS X-Ray Distributed Tracing Secrets Manager Parameter Store CloudWatch Logs Insights Developer AWS AppSync GraphQL CodeArtifact Maven npm PyPI AWS Cloud9 Cloud IDE AWS AppConfig Feature Flags Developer Testing Best Practices AWS CodeCommit Git Repository AWS CodeDeploy Deployment AWS CodeStar Collaborative Dev Amazon S3 Developer Patterns Kinesis Data Streams Analytics AWS CDK Infrastructure Code AWS Amplify Fullstack Framework AWS CloudShell Browser IDE Serverless Application Repository AWS Developer Security Best Practices

Back to Lessons

Amazon Cognito Authentication

April 5, 2026

User Authentication & Authorization

Manage user directories, JWT tokens, OAuth flows.

Cognito Components

User Pools:
- User sign-up/sign-in
- MFA/password policies
- User attributes/groups
- JWT tokens (ID/Access)

Identity Pools:
- Cognito Identity ID
- Assume IAM roles
- Temporary AWS credentials

Hosted UI:
- Pre-built login pages
- OAuth2 flows (Google/Facebook)

Token Validation

jwks.json endpoint
Verify JWT signature/claims
Lambda triggers (pre/post auth)
Admin APIs (no user context)

Previous Lesson Next Lesson