Simplify Authentication Process
Question
A development team is working on an application that will allow customers to view shipment orders placed on their site.
The data would be stored in DynamoDB.
The application itself would be available on both desktop and mobile based applications.
The developers want to use a service which would simplify the authentication process for the application.
Which of the following could be used for this purpose?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - A.
The AWS Documentation mentions the following.
Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps.
Your users can sign in directly with a user name and password, or through a third party such as Facebook, Amazon, or Google.
The two main components of Amazon Cognito are user pools and identity pools.
User pools are user directories that provide sign-up and sign-in options for your app users.
Identity pools enable you to grant your users access to other AWS services.
You can use identity pools and user pools separately or together.
Option B is incorrect since this should ideally be used for Federated access.
Options C and D are incorrect since this is insecure and would result in a large maintenance overhead.
For more information on AWS Cognito, please visit the url.
https://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.htmlThe most appropriate service for simplifying the authentication process for a web application that would be available on both desktop and mobile-based applications is AWS Cognito (option A).
AWS Cognito is a user sign-up, sign-in, and access control service that allows developers to add user sign-up, sign-in, and access control to their web and mobile applications quickly and easily. Cognito supports multiple authentication methods, including social identity providers, such as Facebook and Google, and enterprise identity providers via SAML 2.0.
With AWS Cognito, developers can manage user registration and authentication, and also manage permissions for specific resources and actions in AWS services, such as DynamoDB.
AWS SAML (option B) is a service that enables federated access to AWS resources using a SAML-based identity provider (IdP). AWS SAML is used for single sign-on (SSO) to web applications that are not part of the AWS ecosystem, and it is not specifically designed for simplifying the authentication process for a web application that is part of the AWS ecosystem.
AWS IAM Access Keys (option C) are used for programmatic access to AWS services using the AWS Command Line Interface (CLI), SDKs, and other developer tools. Access keys are not used for simplifying the authentication process for web or mobile applications.
AWS IAM Users (option D) are used to create and manage user accounts that can access AWS resources, but it does not simplify the authentication process for web or mobile applications. IAM Users are primarily used to manage access to AWS resources for administrators and developers who are working on AWS infrastructure, and not for end-users who are accessing an application.
Therefore, the correct answer is option A, AWS Cognito, which simplifies the authentication process for web and mobile applications and supports multiple authentication methods.
