Amazon Cognito vs Devise

Overview

Amazon Cognito

Stacks616

Followers917

Votes34

Devise

Stacks535

Followers232

Votes56

Amazon Cognito vs Devise: What are the differences?

Key differences between Amazon Cognito and Devise

Amazon Cognito and Devise are both popular authentication and user management solutions, but they have some key differences. Here are six of the most significant differences between the two:

Integration with Cloud Services: One of the major advantages of Amazon Cognito is its seamless integration with other Amazon Web Services (AWS) cloud services. It provides built-in support for integrating with services like Amazon S3, Amazon DynamoDB, and AWS AppSync. On the other hand, Devise is not specifically designed for cloud integration and requires additional configuration for such integrations.
Scalability and High Availability: Amazon Cognito is a fully managed service provided by AWS, offering high scalability and availability. It automatically handles the infrastructure and scales based on demand, ensuring reliable authentication and user management even during peak loads. Devise, on the other hand, relies on the underlying framework's scalability and availability features, which may not be as robust as a dedicated service like Amazon Cognito.
Multifactor Authentication (MFA): Amazon Cognito provides out-of-the-box support for implementing multifactor authentication (MFA) in your applications. It supports various MFA options such as SMS, email, and time-based one-time passwords. Devise, on the other hand, does not include built-in support for MFA and requires additional customization to implement this feature.
User Pools and Identity Pools: Amazon Cognito offers two types of pools: user pools and identity pools. User pools are used for user registration, authentication, and user management. Identity pools, on the other hand, are used for providing temporary AWS credentials to users for accessing AWS services directly. Devise, on the other hand, does not provide these pools and requires additional development effort to implement similar functionality.
Serverless Architecture: Amazon Cognito fits well into serverless architectures, where backend services are built using AWS Lambda, API Gateway, and other serverless technologies. It can be easily integrated with these services to provide authentication and authorization capabilities. In contrast, Devise is mainly used within traditional server-based applications and may not be as suitable for serverless architectures.
Pricing Model: The pricing models of Amazon Cognito and Devise differ significantly. Amazon Cognito charges based on the number of monthly active users and the amount of data stored, with additional charges for advanced features like MFA and SMS delivery. Devise, on the other hand, is an open-source library and does not have any direct cost associated with it. The cost of using Devise is primarily related to the infrastructure and resources required to run the underlying application.

In summary, Amazon Cognito offers seamless integration with AWS cloud services, scalable and highly available architecture, built-in support for MFA, user pools, and identity pools, compatibility with serverless architectures, and a pricing model based on usage. Devise, on the other hand, requires additional configuration for cloud integrations, relies on the underlying framework's scalability and availability, lacks built-in MFA support, does not provide user pools or identity pools, may not fit well into serverless architectures, and has no direct cost associated with it.

Share your Stack

Help developers discover the tools you use. Get visibility for your team's tech choices and contribute to the community's knowledge.

View Docs

CLI (Node.js)

Manual

Advice on Amazon Cognito, Devise

Brent

CEO at DEFY Labs

Mar 7, 2020

Decided

I started our team on Amazon Cognito because I was a Solutions Architect at AWS and found it really easy to follow the tutorials and get a basic app up and running with it.

When our team started working with it, they very quickly became frustrated because of the poor documentation. After 4 days of trying to get all the basic passwordless auth working, our lead engineer made the decision to abandon it and try Auth0... and managed to get everything implemented in 4 hours.

The consensus was that Cognito just isn't mature enough or well-documented, and that the implementation does not cater for real world use cases the way that it should. I believe Amplify has made some of this simpler, but I would still recommend Auth0 as it's been bulletproof for us, and is a sensible price.

297k views297k

Comments

Detailed Comparison

Amazon Cognito	Devise
You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline.	Devise is a flexible authentication solution for Rails based on Warden
Manage Unique Identities;Work Offline;Store and Sync across Devices;Seamless Guest Access;Safeguard AWS Credentials;Control Access to AWS Resources	Is Rack based;Is a complete MVC solution based on Rails engines;Allows you to have multiple models signed in at the same time;Is based on a modularity concept: use just what you really need.
Statistics
Stacks 616	Stacks 535
Followers 917	Followers 232
Votes 34	Votes 56
Pros & Cons
Pros 14 Backed by Amazon 7 Manage Unique Identities 4 Work Offline 3 MFA 2 Store and Sync Cons 4 Massive Pain to get working 3 Documentation often out of date 2 Login-UI sparsely customizable (e.g. no translation) 1 Hard to find expiration times for tokens/codes 1 Different Language SDKs not compatible	Pros 33 Reliable 17 Open Source 4 Support for neo4j database 2 Secure
Integrations
No integrations available	Rails

What are some alternatives to Amazon Cognito, Devise?

Auth0

A set of unified APIs and tools that instantly enables Single Sign On and user management to all your applications.

Stormpath

Stormpath is an authentication and user management service that helps development teams quickly and securely build web and mobile applications and services.

Keycloak

It is an Open Source Identity and Access Management For Modern Applications and Services. It adds authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box.

Firebase Authentication

It provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app. It supports authentication using passwords, phone numbers, popular federated identity providers like Google,

WorkOS

Start selling to enterprise customers with just a few lines of code.

OAuth.io

OAuth is a protocol that aimed to provide a single secure recipe to manage authorizations. It is now used by almost every web application. However, 30+ different implementations coexist. OAuth.io fixes this massive problem by acting as a universal adapter, thanks to a robust API. With OAuth.io integrating OAuth takes minutes instead of hours or days.

OmniAuth

OmniAuth is a Ruby authentication framework aimed to abstract away the difficulties of working with various types of authentication providers. It is meant to be hooked up to just about any system, from social networks to enterprise systems to simple username and password authentication.

ORY Hydra

It is a self-managed server that secures access to your applications and APIs with OAuth 2.0 and OpenID Connect. It is OpenID Connect Certified and optimized for latency, high throughput, and low resource consumption.

Kinde

Simple, powerful authentication that you can integrate in minutes. Free your users from passwords with secure and frictionless one click sign up and sign in. Built from the ground up using the best in class security protocols available today.

Satellizer

Satellizer is a simple to use, end-to-end, token-based authentication module for AngularJS with built-in support for Google, Facebook, LinkedIn, Twitter authentication providers, plus Email and Password sign-in method. You are not limited to the sign-in options above, in fact you can add any OAuth 1.0 or OAuth 2.0 provider by passing provider-specific information during the configuration step.

Related Comparisons

Amazon Cognito vs Devise: What are the differences?

Key differences between Amazon Cognito and Devise

Amazon Cognito and Devise are both popular authentication and user management solutions, but they have some key differences. Here are six of the most significant differences between the two:

Integration with Cloud Services: One of the major advantages of Amazon Cognito is its seamless integration with other Amazon Web Services (AWS) cloud services. It provides built-in support for integrating with services like Amazon S3, Amazon DynamoDB, and AWS AppSync. On the other hand, Devise is not specifically designed for cloud integration and requires additional configuration for such integrations.
Scalability and High Availability: Amazon Cognito is a fully managed service provided by AWS, offering high scalability and availability. It automatically handles the infrastructure and scales based on demand, ensuring reliable authentication and user management even during peak loads. Devise, on the other hand, relies on the underlying framework's scalability and availability features, which may not be as robust as a dedicated service like Amazon Cognito.
Multifactor Authentication (MFA): Amazon Cognito provides out-of-the-box support for implementing multifactor authentication (MFA) in your applications. It supports various MFA options such as SMS, email, and time-based one-time passwords. Devise, on the other hand, does not include built-in support for MFA and requires additional customization to implement this feature.
User Pools and Identity Pools: Amazon Cognito offers two types of pools: user pools and identity pools. User pools are used for user registration, authentication, and user management. Identity pools, on the other hand, are used for providing temporary AWS credentials to users for accessing AWS services directly. Devise, on the other hand, does not provide these pools and requires additional development effort to implement similar functionality.
Serverless Architecture: Amazon Cognito fits well into serverless architectures, where backend services are built using AWS Lambda, API Gateway, and other serverless technologies. It can be easily integrated with these services to provide authentication and authorization capabilities. In contrast, Devise is mainly used within traditional server-based applications and may not be as suitable for serverless architectures.
Pricing Model: The pricing models of Amazon Cognito and Devise differ significantly. Amazon Cognito charges based on the number of monthly active users and the amount of data stored, with additional charges for advanced features like MFA and SMS delivery. Devise, on the other hand, is an open-source library and does not have any direct cost associated with it. The cost of using Devise is primarily related to the infrastructure and resources required to run the underlying application.

Amazon Cognito vs Devise

Overview

Amazon Cognito vs Devise: What are the differences?