Document history for Amazon Cognito - Amazon Cognito

Document history for Amazon Cognito

The following table describes important additions to the documentation for Amazon Cognito. We also make frequent minor updates to the documentation in response to the feedback that you send. To submit feedback, locate the Feedback link at the bottom of any page in Amazon Cognito documentation.

Change Description Date
General improvements to user pool token documentation. Updated example tokens, added new information about verifying tokens. See Using tokens with user pools. February 16, 2023
You can now log Amazon Cognito identity pools data events in AWS CloudTrail. CloudTrail supports the selection of Amazon Cognito identity pools high-volume API operations in trails that log data events. See Amazon Cognito Federated Identities. February 15, 2023
Amazon Cognito identity pools apply an AWS managed policy to unauthenticated sessions. Identity pool users who authenticate using the enhanced flow now have an additional AWS managed policy applied to their session. See Access policies. January 31, 2023
Updated Lambda trigger examples and descriptions. Lambda trigger examples are updated to JavaScript version 3. You can now directly correlate Lambda triggers to API actions. See Customizing user pool workflows with Lambda triggers. January 31, 2023
Added code examples. This guide now includes example code for your Amazon Cognito app in a variety of programming langages. See Code examples for Amazon Cognito using AWS SDKs. January 23, 2023
Added information about API models and authentication with Amazon Cognito user pools. Amazon Cognito user pools have multiple API interfaces and formats for request authorization. See Using the Amazon Cognito native and OIDC APIs for more information. December 15, 2022
Amazon Cognito is now available in the Europe (Milan) AWS Region. You can now create Amazon Cognito user pools in the Europe (Milan) Region. December 6, 2022
Added information about user pool deletion protection. When you create a new user pool with the AWS Management Console, it's now protected against deletion by default. October 20, 2022
Added a user guide for the hosted UI, and information about TOTP MFA in the hosted UI. Your users can now register a TOTP MFA device in the Amazon Cognito hosted UI. You can now preview the default hosted UI in Signing up and signing in with the hosted UI. September 8, 2022
Added information about AWS WAF and Amazon Cognito. You can now associate a AWS WAF web ACL with a Amazon Cognito user pool. See Associating an AWS WAF web ACL with a user pool. August 3, 2022
Added more example AWS CloudTrail events. Amazon Cognito now logs federation and hosted UI requests to your trail. June 15, 2022
Updated federation documentation. New IP address propagation feature. Updated walkthroughs for setting up user pool social IdPs. Added information about federated user profiles and attribute mapping. Added new information about Adding user device and session data to API requests. May 31, 2022
Sign in federated users without interaction with the hosted UI Added a new page about how to Bookmark Amazon Cognito apps in an enterprise dashboard so that Amazon Cognito silently directs users to federated sign-in. March 29, 2022
In-Region SMS and email messaging for Amazon Cognito user pools You can now use Amazon Simple Notification Service for SMS messages, and Amazon Simple Email Service for email messages, in the same AWS Region as your user pool. March 14, 2022
Updates to quotas page Added and clarified resource and request-rate quotas to Quotas in Amazon Cognito. January 10, 2022
New Amazon Cognito user pools console experience Updated instructions to create and manage user pools in the updated Amazon Cognito console. November 18, 2021
RevokeToken API and Revocation Endpoint You can use the RevokeToken operation to revoke a refresh token for a user. June 10, 2021
Publication of guide markdown to GitHub As with all of AWS documentation, this guide now has markdown available to review and comment on in at https://github.com/awsdocs/amazon-cognito-developer-guide. March 23, 2021
Multi-tenant best practices Best practices for multi-tenant applications were added to the documentation. March 4, 2021
Attributes for access control Amazon Cognito Identity Pools provide attributes for access control (AFAC) as a way for customers to grant users access to AWS resources. Authorization can be done based on users' attributes from the identity provider which they used to federate with Amazon Cognito. January 15, 2021
Custom SMS Sender Lambda Trigger and Custom Email Sender Lambda Trigger The Custom SMS Sender Lambda Trigger and Custom Email Sender Lambda Trigger allow you to enable a third-party provider to send email and SMS notifications to your users from within your Lambda function code. November 2020
Amazon Cognito token updates Updated expiration information was added to Access, ID, and Refresh tokens. October 29, 2020
Amazon Cognito Service Quotas Service Quotas are available for Amazon Cognito category quotas. You can use the Service Quotas console to view quota usage, request a quota increase, and create CloudWatch alarms to monitor your quota usage. As part of this change the Available CloudWatch Metrics for Amazon Cognito User Pools section was updated to reflect the new information. The new section name is: Tracking quotas and usage in CloudWatch and Service Quotas October 29, 2020
Amazon Cognito quota categorization Quota categories are available to help you monitor quota usage and request an increase. The quotas are grouped into categories based on common use cases. August 17, 2020
Amazon Cognito Pinpoint document updates New service-linked role was added. Instructions were updated on "Using Amazon Pinpoint Analytics with Amazon Cognito User Pools". May 13, 2020
Amazon Cognito supported in US AWS GovCLoud Amazon Cognito is now supported in the AWS GovCloud (US) Region. May 13, 2020
New Amazon Cognito dedicated security chapter The Security chapter can help your organization get in-depth information about both the built-in and the configurable security of AWS services. Our new chapters provide information about the security of the cloud and in the cloud. April 30, 2020
Amazon Cognito Identity Pools now supports Sign in with Apple Sign in with Apple is available in all regions where Amazon Cognito operates, except cn-north-1 region. April 7, 2020
New Facebook API Versioning Added version selection to Facebook API. April 3, 2020
Username case insensitivity update Added recommendation about enabling username case insensitivity before creating a user pool. February 11, 2020
New information about AWS Amplify Added information about integrating Amazon Cognito with your web or mobile app by using AWS Amplify SDKs and libraries. Removed information about using the Amazon Cognito SDKs that preceded AWS Amplify. November 22, 2019
New attribute for user pool triggers Amazon Cognito now includes a clientMetadata parameter in the event information that it passes to the AWS Lambda functions for most user pool triggers. You can use this parameter to enhance your custom authentication workflow with additional data. October 4, 2019
Updated limit The throttling limit for the ListUsers API action is updated. For more information, see Quotas in Amazon Cognito. June 25, 2019
New limit The soft limits for user pools now include a limit for the number of users. For more information, see Quotas in Amazon Cognito. June 17, 2019
Amazon SES email settings for Amazon Cognito user pools You can configure a user pool so that Amazon Cognito emails your users by using your Amazon SES configuration. This setting allows Amazon Cognito to send email with a higher delivery volume than is otherwise possible. For more information, see Email settings for Amazon Cognito user pools. April 8, 2019
Tagging support Added information about tagging Amazon Cognito resources. March 26, 2019
Change the certificate for a custom domain If you use a custom domain to host the Amazon Cognito hosted UI, you can change the SSL certificate for this domain as needed. For more information, see Changing the SSL certificate for your custom domain. December 19, 2018
New limit A new limit is added for the maximum number of groups that each user can belong to. For more information, see Quotas in Amazon Cognito. December 14, 2018
Updated limits The soft limits for user pools are updated. For more information, see Quotas in Amazon Cognito. December 11, 2018
Documentation update for verifying email addresses and phone numbers Added information about configuring your user pool to require email or phone verification when a user signs up in your app. For more information, see Verifying contact information at sign-up. November 20, 2018
Documentation update for testing emails Added guidance for initiating emails from Amazon Cognito while you test your app. For more information, see Sending emails while testing your app. November 13, 2018
Amazon Cognito Advanced Security Added new security features to enable developers to protect their apps and users from malicious bots, secure user accounts against compromised credentials, and automatically adjust the challenges required to sign in based on the calculated risk of the sign in attempt. June 14, 2018
Custom Domains for Amazon Cognito Hosted UI Allow developers to use their own fully custom domain for the hosted UI in Amazon Cognito User Pools. June 4, 2018
Amazon Cognito User Pools OIDC Identity Provider Added user pool sign-in through an OpenID Connect (OIDC) identity provider such as Salesforce or Ping Identity. May 17, 2018
Amazon Cognito Developer Guide Update Added top level "What is Amazon Cognito" and "Getting Started with Amazon Cognito". Also added common scenarios and reorganized the user pools TOC. Added a new "Getting Started with Amazon Cognito user pools" section. April 6, 2018
Amazon Cognito Lambda Migration Trigger Added pages covering the Lambda Migration Trigger feature February 8, 2018
Amazon Cognito Advanced Security Beta Added new security features to enable developers to protect their apps and users from malicious bots, secure user accounts against credentials in the wild that have been compromised elsewhere on the internet, and automatically adjust the challenges required to sign in based on the calculated risk of the sign in attempt. November 28, 2017
Amazon Pinpoint integration Added the ability to use Amazon Pinpoint to provide analytics for your Amazon Cognito User Pools apps and to enrich the user data for Amazon Pinpoint campaigns. For more information, see Using Amazon Pinpoint analytics with Amazon Cognito user pools. September 26, 2017
Federation and built-in app UI features of Amazon Cognito User Pools Added the ability to allow your users to sign in to your user pool through Facebook, Google, Login with Amazon, or a SAML identity provider. Added a customizable built-in app UI and OAuth 2.0 support with custom claims. August 10, 2017
HIPAA and PCI compliance-related feature changes Added the ability to allow your users to use a phone number or email address as their user name. July 6, 2017
User groups and role-based access control features Added administrative capability to create and manage user groups. Administrators can assign IAM roles to users based on group membership and administrator-created rules. For more information, see Adding groups to a user pool and Role-based access control. December 15, 2016
Documentation update Updated iOS code examples in Developer authenticated identities (identity pools). November 18, 2016
Documentation update Added information about confirmation flow for user accounts. For more information, see Signing up and confirming user accounts. November 9, 2016
Create user accounts feature Added administrative capability to create user accounts through the Amazon Cognito console and the API. For more information, see Creating user accounts as administrator. October 6, 2016
Documentation update Updated examples that show how to use AWS Lambda triggers with user pools. For more information, see Customizing user pool workflows with Lambda triggers. September 27, 2016
User import feature Added bulk import capability for Cognito User Pools. Use this feature to migrate users from your existing identity provider to an Amazon Cognito user pool. For more information, see Importing users into user pools from a CSV file. September 1, 2016
General availability of Cognito User Pools Added the Cognito User Pools feature. Use this feature to create and maintain a user directory and add sign-up and sign-in to your mobile app or web application using user pools. For more information, see Amazon Cognito user pools. July 28, 2016
SAML support Added support for authentication with identity providers through Security Assertion Markup Language 2.0 (SAML 2.0). For more information, see SAML identity providers (identity pools). June 23, 2016
CloudTrail integration Added integration with AWS CloudTrail. For more information, see Logging Amazon Cognito API calls with AWS CloudTrail. February 18, 2016
Integration of events with Lambda Enables you to execute an AWS Lambda function in response to important events in Amazon Cognito. For more information, see Amazon Cognito Events. April 9, 2015
Data stream to Amazon Kinesis Provides control and insight into your data streams. For more information, see Amazon Cognito Streams. March 4, 2015
Push synchronization Enables support for silent push synchronization. For more information, see Amazon Cognito Sync. November 6, 2014
OpenID Connect support Enables support for OpenID Connect providers. For more information, see Identity pools (federated identities) external identity providers. October 23, 2014
Developer-authenticated identities support added Enables developers who own their own authentication and identity management systems to be treated as an identity provider in Amazon Cognito. For more information, see Developer authenticated identities (identity pools). September 29, 2014
Amazon Cognito general availability July 10, 2014