Using the Amazon Cognito console
You can use the Amazon Cognito console
This guide provides step-by-step walkthroughs for common Amazon Cognito user pool tasks in the Amazon Cognito console.
To use the Amazon Cognito console
-
To use Amazon Cognito, you need to sign up for an AWS account.
-
Go to the Amazon Cognito console
. You might be prompted for your AWS credentials. -
To create or edit a user pool, choose User Pools from the left navigation pane.
For more information, see Getting started with user pools.
-
To create or edit an identity pool, choose Identity pools. You will be directed to the original console for Amazon Cognito identity pools.
For more information, see Getting started with Amazon Cognito identity pools.
The Amazon Cognito console is a part of the AWS Management Console, which provides information about your account and billing. For more information, see Working with the AWS Management Console.
The user pools console
From the User pools view in the Amazon Cognito console, choose a user pool from the list to view details. In the detailed view, the User pool overview at the top of the console contains basic information about your user pool. The following tabs organize your user pool configuration into related functions.
- Users
-
The Users tab contains information about users and user imports from CSV files. You can add, remove, and edit users in this tab.
- Groups
-
The Groups tab contains information about user groups. You can add, modify, and change membership in groups, and change the IAM roles that are associated with groups for identity-pool integration.
References
- Sign-in experience
-
The Sign-in experience tab contains information about how users sign in to your user pool. In this tab are third-party identity providers, username options, the password policy, multi-factor authentication (MFA) configuration, forgot-password behavior, and device remembering. You can add and modify identity providers, and change the overall sign-in behavior of your user pool.
- Sign-up experience
-
The Sign-up experience tab contains information about self-service sign-up, required attributes, verifying phone numbers and email addresses, and custom attributes.
- Messaging
-
The Messaging tab contains information about the AWS services that you want to use to send email and SMS messages to your users, and the format of the messages that you want to send them.
- App integration
-
The App integration tab contains information about user pool app clients, the domain that you assign to your user pool service endpoints, API resource servers, the hosted UI, and advanced security. You can drill down into each app client to configure the following.
-
Token settings
-
Callback URLs
-
Authentication flows
-
Attribute permissions
-
App-specific advanced security and hosted UI settings
-
Amazon Pinpoint analytics
-
- Advanced security
-
The Advanced security tab contains information about advanced security threat protection and other advanced security features.
References
- User pool properties
-
The User pool properties tab contains information about user pool configuration not directly related to users: Lambda triggers, AWS WAF web ACL protection, deletion protection, and resource tags.
The identity pools console
From the Identity pools view in the Amazon Cognito console, choose an identity pool from the list to view details. In the detailed view, the Identity pool overview at the top of the console contains basic information about your user pool. The following tabs organize your user pool configuration into related functions.
- User statistics
-
The User statistics tab displays statistical information about the users who have generated identities in your identity pool. You can't configure any identity pool settings in this tab.
- Identity browser
-
The Identity browser tab contains information about the individual identities that users have generated in your identity pool. You can view and delete identities.
- User access
-
The User access tab contains information about the identity providers you've linked to your identity pool, developer providers, the default IAM roles assigned to identities, and unauthenticated guest access configuration. You can drill down into each identity provider to configure the following.
-
Role-based access control with IAM Role selection
-
Attribute-based access control with Attributes for access control
-
- Identity pool properties
-
The Identity pool properties tab contains information about miscellaneous identity pool configuration: basic (classic) authentication and resource tags.