29

Let's say I have a few clients: corporation x, y, z. each of those corporation has their employees and their SSO (mostly SAML but can be also OpenId or anything else).

I want to be able to integrate with their SSO so they can log in to my application without giving me their credentials. Something like cloudfoundry UAA. Which one should i use: AWS SSO or AWS Cognito? What's the difference?

Simeon Leyzerzon
  • 18,658
  • 9
  • 54
  • 82
piotrek
  • 13,982
  • 13
  • 79
  • 165

1 Answers1

44

I am on the Amazon Cognito team.

Amazon Cognito is our identity management solution for developers building B2C or B2B apps for their customers, which makes it a customer-targeted IAM and user directory solution.

AWS SSO is focused on SSO for employees accessing AWS and business apps, initially with Microsoft AD as the underlying employee directory.

We plan to integrate Cognito User Pools and AWS SSO as part of our roadmap.

Fritz Duchardt
  • 11,026
  • 4
  • 41
  • 60
Ionut Trestian
  • 5,473
  • 2
  • 20
  • 29
  • Is there any word on progress of integration between Cognito User Pools and AWS SSO yet please? Use case is to allow ALB authentication using Cognito backed by SSO as the user pool, meaning apps fronted by ALB could be seen as business apps by SSO. See https://serverfault.com/q/977052/406287. – John Jul 29 '19 at 15:10
  • You may not need cognito at all since ALB directly supports oidc integration with azure. – l85m Nov 30 '19 at 13:33
  • Can we have something like auth0? Cognito with SSO feature, as my case, im using id pool to connect my openid provider, let say i have 2 domains, i want them sso together with Cognito, is it possible currently? – user192344 Mar 17 '20 at 09:23
  • user192344 :- I am facing the same problem exactly as yours have you find any solution please help me –  Feb 01 '21 at 00:58
  • what is the difference under the hood? – ilam engl Nov 24 '22 at 15:06