Amazon Web Services announced updates to Amazon Cognito, an identity and access management service for web and mobile applications. The service allows developers to secure machine-to-machine authentication, enable role-based access to AWS resources, and create sign-in and sign-up experiences in applications.

Cognito now supports passwordless login with managed login, enabling users to integrate passwordless authentication methods including passkeys, email one-time-passwords and SMS one-time-passwords.

The new features include a developer-focused console experience that streamlines onboarding via a quick wizard and use-case specific recommendations. This would allow developers to configure their sign-in options and follow the system-provided instructions to create the application's sign-in and sign-up pages. A new user pool, a user directory for authentication and authorization, is automatically created, according to the blog post announcing the new updates. Amazon Cognito also supports major application frameworks and offers detailed instructions for integrating them using standard OpenID Connect (OIDC) and OAuth open source libraries.

Amazon has updated the pricing structure for Cognito, adding user pool feature tiers: Lite, Essentials, and Plus. New user pools are created at the Essentials tier by default, and users can switch between tiers depending on their needs.

The Lite tier includes user registration, pass-word based authentication and social identity provider integration. The Essentials tier includes expanded authentication and access control features, including managed login and passwordless capabilities and enhanced security features. The Plus tier offers more security features, including threat protection capabilities against suspicious logins, compromised credential detection, and others.