Need advice about which tool to choose?Ask the StackShare community!
Amazon Cognito vs Stormpath: What are the differences?
Developers describe Amazon Cognito as "Securely manage and synchronize app data for your users across their mobile devices". You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline. On the other hand, Stormpath is detailed as "User Management and Authentication for Developers". Stormpath is an authentication and user management service that helps development teams quickly and securely build web and mobile applications and services.
Amazon Cognito and Stormpath belong to "User Management and Authentication" category of the tech stack.
Some of the features offered by Amazon Cognito are:
- Manage Unique Identities
- Work Offline
- Store and Sync across Devices
On the other hand, Stormpath provides the following key features:
- User Authentication as a Service
- Authorization – Easily model and manage your data, including pre-built roles
- Flexible User Profiles
"Backed by Amazon" is the top reason why over 11 developers like Amazon Cognito, while over 26 developers mention "Authentication" as the leading cause for choosing Stormpath.
ChromaDex, Sendhelper Pte Ltd, and Strain Merchant are some of the popular companies that use Amazon Cognito, whereas Stormpath is used by Stormpath, Forerunner Games, and Notify-e. Amazon Cognito has a broader approval, being mentioned in 41 company stacks & 13 developers stacks; compared to Stormpath, which is listed in 3 company stacks and 4 developer stacks.
I started our team on Amazon Cognito because I was a Solutions Architect at AWS and found it really easy to follow the tutorials and get a basic app up and running with it.
When our team started working with it, they very quickly became frustrated because of the poor documentation. After 4 days of trying to get all the basic passwordless auth working, our lead engineer made the decision to abandon it and try Auth0... and managed to get everything implemented in 4 hours.
The consensus was that Cognito just isn't mature enough or well-documented, and that the implementation does not cater for real world use cases the way that it should. I believe Amplify has made some of this simpler, but I would still recommend Auth0 as it's been bulletproof for us, and is a sensible price.
Pros of Amazon Cognito
- Backed by Amazon14
- Manage Unique Identities7
- Work Offline4
- MFA3
- Store and Sync2
- It works1
- Integrate with Google, Amazon, Twitter, Facebook, SAML1
- SDKs and code samples1
- Free for first 50000 users1
Pros of Stormpath
- Authentication27
- User Management22
- API Authentication19
- Token Authentication17
- Security Workflows17
- Secure16
- Easy setup and great support7
- Great customer support7
- they manage the required, so I can focus on innovation6
- Private Deployment3
- Will sign BAA for HIPAA-compliance2
- Rapid Development1
- SAML Support0
Sign up to add or upvote prosMake informed product decisions
Cons of Amazon Cognito
- Massive Pain to get working4
- Documentation often out of date3
- Login-UI sparsely customizable (e.g. no translation)2
- Docs are vast but mostly useless1
- MFA: there is no "forget device" function1
- Difficult to customize (basic-pack is more than humble)1
- Lacks many basic features1
- There is no "Logout" method in the API1
- No recovery codes for MFA1
- Hard to find expiration times for tokens/codes1
- Only paid support1
Cons of Stormpath
- Discontinued4
