What's the difference between Amazon Cognito user pools and identity pools?

2 minute read

I started to use Amazon Cognito, and I want to know whether to use user pools or identity pools for my business applications.

Short description

User pools are for authentication. Your app users can sign in through the user pool, or federate through a third-party identity provider (IdP). Identity pools are for authorization. You can use identity pools to create unique identities for users, and give them access to other AWS services.


User pool use cases

Use a user pool in the following scenarios:

Identity pool use cases

Use an identity pool in the following scenarios:

For more example use cases, see Common Amazon Cognito scenarios.

Related information

Identity pools concepts (federated identities)

Identity pools (federated identities) authentication flow

Features of Amazon Cognito

AWS OFFICIALUpdated 7 months ago