Document history for Amazon Cognito
The following table describes important additions to the documentation for Amazon Cognito. We also make frequent minor updates to the documentation in response to the feedback that you send. To submit feedback, locate the Feedback link at the bottom of any page in Amazon Cognito documentation.
| Change | Description | Date |
|---|---|---|
| General improvements to user pool token documentation. | Updated example tokens, added new information about verifying tokens. See Using tokens with user pools. | February 16, 2023 |
| You can now log Amazon Cognito identity pools data events in AWS CloudTrail. | CloudTrail supports the selection of Amazon Cognito identity pools high-volume API operations in trails that log data events. See Amazon Cognito Federated Identities. | February 15, 2023 |
| Amazon Cognito identity pools apply an AWS managed policy to unauthenticated sessions. | Identity pool users who authenticate using the enhanced flow now have an additional AWS managed policy applied to their session. See Access policies. | January 31, 2023 |
| Updated Lambda trigger examples and descriptions. | Lambda trigger examples are updated to JavaScript version 3. You can now directly correlate Lambda triggers to API actions. See Customizing user pool workflows with Lambda triggers. | January 31, 2023 |
| Added code examples. | This guide now includes example code for your Amazon Cognito app in a variety of programming langages. See Code examples for Amazon Cognito using AWS SDKs. | January 23, 2023 |
| Added information about API models and authentication with Amazon Cognito user pools. | Amazon Cognito user pools have multiple API interfaces and formats for request authorization. See Using the Amazon Cognito native and OIDC APIs for more information. | December 15, 2022 |
| Amazon Cognito is now available in the Europe (Milan) AWS Region. | You can now create Amazon Cognito user pools in the Europe (Milan) Region. | December 6, 2022 |
| Added information about user pool deletion protection. | When you create a new user pool with the AWS Management Console, it's now protected against deletion by default. | October 20, 2022 |
| Added a user guide for the hosted UI, and information about TOTP MFA in the hosted UI. | Your users can now register a TOTP MFA device in the Amazon Cognito hosted UI. You can now preview the default hosted UI in Signing up and signing in with the hosted UI. | September 8, 2022 |
| Added information about AWS WAF and Amazon Cognito. | You can now associate a AWS WAF web ACL with a Amazon Cognito user pool. See Associating an AWS WAF web ACL with a user pool. | August 3, 2022 |
| Added more example AWS CloudTrail events. | Amazon Cognito now logs federation and hosted UI requests to your trail. | June 15, 2022 |
| Updated federation documentation. New IP address propagation feature. | Updated walkthroughs for setting up user pool social IdPs. Added information about federated user profiles and attribute mapping. Added new information about Adding user device and session data to API requests. | May 31, 2022 |
| Sign in federated users without interaction with the hosted UI | Added a new page about how to Bookmark Amazon Cognito apps in an enterprise dashboard so that Amazon Cognito silently directs users to federated sign-in. | March 29, 2022 |
| In-Region SMS and email messaging for Amazon Cognito user pools | You can now use Amazon Simple Notification Service for SMS messages, and Amazon Simple Email Service for email messages, in the same AWS Region as your user pool. | March 14, 2022 |
| Updates to quotas page | Added and clarified resource and request-rate quotas to Quotas in Amazon Cognito. | January 10, 2022 |
| New Amazon Cognito user pools console experience | Updated instructions to create and manage user pools in the updated Amazon Cognito console. | November 18, 2021 |
| RevokeToken API and Revocation Endpoint | You can use the RevokeToken operation to revoke a refresh token for a user. | June 10, 2021 |
| Publication of guide markdown to GitHub | As with all of AWS documentation, this guide now has markdown available
to review and comment on in at https://github.com/awsdocs/amazon-cognito-developer-guide |
March 23, 2021 |
| Multi-tenant best practices | Best practices for multi-tenant applications were added to the documentation. | March 4, 2021 |
| Attributes for access control | Amazon Cognito Identity Pools provide attributes for access control (AFAC) as a way for customers to grant users access to AWS resources. Authorization can be done based on users' attributes from the identity provider which they used to federate with Amazon Cognito. | January 15, 2021 |
| Custom SMS Sender Lambda Trigger and Custom Email Sender Lambda Trigger | The Custom SMS Sender Lambda Trigger and Custom Email Sender Lambda Trigger allow you to enable a third-party provider to send email and SMS notifications to your users from within your Lambda function code. | November 2020 |
| Amazon Cognito token updates | Updated expiration information was added to Access, ID, and Refresh tokens. | October 29, 2020 |
| Amazon Cognito Service Quotas | Service Quotas are available for Amazon Cognito category quotas. You can use the Service Quotas console to view quota usage, request a quota increase, and create CloudWatch alarms to monitor your quota usage. As part of this change the Available CloudWatch Metrics for Amazon Cognito User Pools section was updated to reflect the new information. The new section name is: Tracking quotas and usage in CloudWatch and Service Quotas | October 29, 2020 |
| Amazon Cognito quota categorization | Quota categories are available to help you monitor quota usage and request an increase. The quotas are grouped into categories based on common use cases. | August 17, 2020 |
| Amazon Cognito Pinpoint document updates | New service-linked role was added. Instructions were updated on "Using Amazon Pinpoint Analytics with Amazon Cognito User Pools". | May 13, 2020 |
| Amazon Cognito supported in US AWS GovCLoud | Amazon Cognito is now supported in the AWS GovCloud (US) Region. | May 13, 2020 |
| New Amazon Cognito dedicated security chapter | The Security chapter can help your organization get in-depth information about both the built-in and the configurable security of AWS services. Our new chapters provide information about the security of the cloud and in the cloud. | April 30, 2020 |
| Amazon Cognito Identity Pools now supports Sign in with Apple | Sign in with Apple is available in all regions where Amazon Cognito operates, except cn-north-1 region. | April 7, 2020 |
| New Facebook API Versioning | Added version selection to Facebook API. | April 3, 2020 |
| Username case insensitivity update | Added recommendation about enabling username case insensitivity before creating a user pool. | February 11, 2020 |
| New information about AWS Amplify | Added information about integrating Amazon Cognito with your web or mobile app by using AWS Amplify SDKs and libraries. Removed information about using the Amazon Cognito SDKs that preceded AWS Amplify. | November 22, 2019 |
| New attribute for user pool triggers | Amazon Cognito now includes a clientMetadata parameter in the event
information that it passes to the AWS Lambda functions for most user pool
triggers. You can use this parameter to enhance your custom authentication
workflow with additional data. |
October 4, 2019 |
| Updated limit | The throttling limit for the ListUsers API action is updated. For more information, see Quotas in Amazon Cognito. | June 25, 2019 |
| New limit | The soft limits for user pools now include a limit for the number of users. For more information, see Quotas in Amazon Cognito. | June 17, 2019 |
| Amazon SES email settings for Amazon Cognito user pools | You can configure a user pool so that Amazon Cognito emails your users by using your Amazon SES configuration. This setting allows Amazon Cognito to send email with a higher delivery volume than is otherwise possible. For more information, see Email settings for Amazon Cognito user pools. | April 8, 2019 |
| Tagging support | Added information about tagging Amazon Cognito resources. | March 26, 2019 |
| Change the certificate for a custom domain | If you use a custom domain to host the Amazon Cognito hosted UI, you can change the SSL certificate for this domain as needed. For more information, see Changing the SSL certificate for your custom domain. | December 19, 2018 |
| New limit | A new limit is added for the maximum number of groups that each user can belong to. For more information, see Quotas in Amazon Cognito. | December 14, 2018 |
| Updated limits | The soft limits for user pools are updated. For more information, see Quotas in Amazon Cognito. | December 11, 2018 |
| Documentation update for verifying email addresses and phone numbers | Added information about configuring your user pool to require email or phone verification when a user signs up in your app. For more information, see Verifying contact information at sign-up. | November 20, 2018 |
| Documentation update for testing emails | Added guidance for initiating emails from Amazon Cognito while you test your app. For more information, see Sending emails while testing your app. | November 13, 2018 |
| Amazon Cognito Advanced Security | Added new security features to enable developers to protect their apps and users from malicious bots, secure user accounts against compromised credentials, and automatically adjust the challenges required to sign in based on the calculated risk of the sign in attempt. | June 14, 2018 |
| Custom Domains for Amazon Cognito Hosted UI | Allow developers to use their own fully custom domain for the hosted UI in Amazon Cognito User Pools. | June 4, 2018 |
| Amazon Cognito User Pools OIDC Identity Provider | Added user pool sign-in through an OpenID Connect (OIDC) identity provider such as Salesforce or Ping Identity. | May 17, 2018 |
| Amazon Cognito Developer Guide Update | Added top level "What is Amazon Cognito" and "Getting Started with Amazon Cognito". Also added common scenarios and reorganized the user pools TOC. Added a new "Getting Started with Amazon Cognito user pools" section. | April 6, 2018 |
| Amazon Cognito Lambda Migration Trigger | Added pages covering the Lambda Migration Trigger feature | February 8, 2018 |
| Amazon Cognito Advanced Security Beta | Added new security features to enable developers to protect their apps and users from malicious bots, secure user accounts against credentials in the wild that have been compromised elsewhere on the internet, and automatically adjust the challenges required to sign in based on the calculated risk of the sign in attempt. | November 28, 2017 |
| Amazon Pinpoint integration | Added the ability to use Amazon Pinpoint to provide analytics for your Amazon Cognito User Pools apps and to enrich the user data for Amazon Pinpoint campaigns. For more information, see Using Amazon Pinpoint analytics with Amazon Cognito user pools. | September 26, 2017 |
| Federation and built-in app UI features of Amazon Cognito User Pools | Added the ability to allow your users to sign in to your user pool through Facebook, Google, Login with Amazon, or a SAML identity provider. Added a customizable built-in app UI and OAuth 2.0 support with custom claims. | August 10, 2017 |
| HIPAA and PCI compliance-related feature changes | Added the ability to allow your users to use a phone number or email address as their user name. | July 6, 2017 |
| User groups and role-based access control features | Added administrative capability to create and manage user groups. Administrators can assign IAM roles to users based on group membership and administrator-created rules. For more information, see Adding groups to a user pool and Role-based access control. | December 15, 2016 |
| Documentation update | Updated iOS code examples in Developer authenticated identities (identity pools). | November 18, 2016 |
| Documentation update | Added information about confirmation flow for user accounts. For more information, see Signing up and confirming user accounts. | November 9, 2016 |
| Create user accounts feature | Added administrative capability to create user accounts through the Amazon Cognito console and the API. For more information, see Creating user accounts as administrator. | October 6, 2016 |
| Documentation update | Updated examples that show how to use AWS Lambda triggers with user pools. For more information, see Customizing user pool workflows with Lambda triggers. | September 27, 2016 |
| User import feature | Added bulk import capability for Cognito User Pools. Use this feature to migrate users from your existing identity provider to an Amazon Cognito user pool. For more information, see Importing users into user pools from a CSV file. | September 1, 2016 |
| General availability of Cognito User Pools | Added the Cognito User Pools feature. Use this feature to create and maintain a user directory and add sign-up and sign-in to your mobile app or web application using user pools. For more information, see Amazon Cognito user pools. | July 28, 2016 |
| SAML support | Added support for authentication with identity providers through Security Assertion Markup Language 2.0 (SAML 2.0). For more information, see SAML identity providers (identity pools). | June 23, 2016 |
| CloudTrail integration | Added integration with AWS CloudTrail. For more information, see Logging Amazon Cognito API calls with AWS CloudTrail. | February 18, 2016 |
| Integration of events with Lambda | Enables you to execute an AWS Lambda function in response to important events in Amazon Cognito. For more information, see Amazon Cognito Events. | April 9, 2015 |
| Data stream to Amazon Kinesis | Provides control and insight into your data streams. For more information, see Amazon Cognito Streams. | March 4, 2015 |
| Push synchronization | Enables support for silent push synchronization. For more information, see Amazon Cognito Sync. | November 6, 2014 |
| OpenID Connect support | Enables support for OpenID Connect providers. For more information, see Identity pools (federated identities) external identity providers. | October 23, 2014 |
| Developer-authenticated identities support added | Enables developers who own their own authentication and identity management systems to be treated as an identity provider in Amazon Cognito. For more information, see Developer authenticated identities (identity pools). | September 29, 2014 |
| Amazon Cognito general availability | July 10, 2014 |
