What is the difference between Amazon Cognito user pools and identity pools?

User Pools

User pools are for authentication (identity verification). With a user pool, your app users can sign in through the user pool or federate through a third-party identity provider (IdP).

When to use a user pool?

Design sign-up and sign-in webpages for your app. Access and manage user data. Track user device, location, and IP address, and adapt to sign-in requests of different risk levels. Support social sign-in with Facebook, Google, Login with Amazon, and Sign in with Apple, as well as sign-in with SAML identity providers, from your user pool. Use a custom authentication flow for your app.

Identity pools

Identity pools are for authorization (access control). You can use identity pools to create unique identities for users and give them access to other AWS services. To enable users in your user pool to access AWS resources, you can configure an identity pool to exchange user pool tokens for AWS credentials.
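The token-for-credentials exchange described above, as an added example that is not part of the original post. The function names, the region and the pool and client IDs are placeholders assumed for illustration; `get_id` and `get_credentials_for_identity` are the boto3 `cognito-identity` client calls, passed in so the block also runs offline.

```python
import base64
import json
import time

def jwt_claims(token):
    """Decode a JWT payload. No signature check: this is a pre-flight sanity
    check only; the service validates the token during the exchange."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def logins_map(id_token, region, user_pool_id, app_client_id, now=None):
    """Build the Logins map an identity pool expects for a user pool sign-in."""
    provider = f"cognito-idp.{region}.amazonaws.com/{user_pool_id}"
    claims = jwt_claims(id_token)
    # Catch the common mistakes locally, before any request leaves the app.
    if claims.get("token_use") != "id":
        raise ValueError("pass the ID token, not the access token")
    if claims.get("iss") != f"https://{provider}":
        raise ValueError("token was issued by a different user pool")
    if claims.get("aud") != app_client_id:
        raise ValueError("token was issued to a different app client")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("token has expired")
    return {provider: id_token}

def exchange_for_credentials(client, identity_pool_id, logins):
    """Trade the user pool token for temporary AWS credentials. `client` is a
    boto3 "cognito-identity" client or any object with the same two methods."""
    identity_id = client.get_id(
        IdentityPoolId=identity_pool_id, Logins=logins)["IdentityId"]
    resp = client.get_credentials_for_identity(
        IdentityId=identity_id, Logins=logins)
    return identity_id, resp["Credentials"]

def constructed_token(claims):
    """Constructed, unsigned sample token for the offline demo below."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).decode().rstrip("=")
    return f"{enc({'alg': 'RS256'})}.{enc(claims)}.constructed-signature"

if __name__ == "__main__":
    pool = "us-east-1_EXAMPLE"  # placeholder user pool ID
    token = constructed_token({
        "token_use": "id", "aud": "example-client-id", "exp": time.time() + 3600,
        "iss": f"https://cognito-idp.us-east-1.amazonaws.com/{pool}"})
    print(list(logins_map(token, "us-east-1", pool, "example-client-id")))
```

The returned credentials carry whatever permissions the identity pool's IAM role grants, so that role's policy is where access to S3 or DynamoDB is actually scoped.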

When to use an identity pool?

Give your users access to AWS resources, such as an Amazon Simple Storage Service (Amazon S3) bucket or an Amazon DynamoDB table. Generate temporary AWS credentials for unauthenticated users.