Integration with AWS Cognito

Just wondering the possibility of using Stytch (consumer auth) to do user management and issue login pages, while connected to AWS Cognito to authenticate the AWS managed backend services.

Other services like Auth0 has documentation showing the integration with AWS Cognito, just wondering the same capability can be applied to Stytch?

Hey David,

Thanks so much for posting!

For some background, Auth0 accomplishes this integration by acting as an OIDC-compliant IdP. While Stytch doesn’t currently act as an IdP, it does look like integrating Stytch-powered auth with Cognito should be possible through their developer-authenticated identities.

I believe the flow here, after setting up an Identity pool, would look something like:

  • A user authenticates in your application with Stytch
  • Your application detects a valid Stytch session and wants AWS access
  • Your backend calls GetOpenIdTokenForDeveloperIdentity (on a route which is only accessible with a valid Stytch session)
  • Using the IdentityId returned, your application calls GetCredentialsForIdentity

Cognito also has a flowchart outlining the developer-authenticated identity flow this page in their documentation (a few headers down the page): Identity pools (federated identities) authentication flow - Amazon Cognito.

Per your initial question, we’d definitely love to get a guide up on this, which I’ve flagged for the team!

For our own understanding, are you primarily interested in integrating with Cognito to bake in AWS access management into your auth flow, or something else? We’d love to learn more about the use case!

It is one of the method we are considering. We have used the AWS ecosystem quite extensively and the usage of Cognito make sense. But we will want to take advantage of the streamlined user management and auth-page-customisation experience from a Auth-focus service provider.

Currently we are evaluating various methods and trying to balance the functionality and cost.

Hey David – thanks so much for the additional context! That definitely makes sense.

Please let us know if any other questions come up as you complete your evaluation!