• Fully managed authentication, authorization, and user management service designed for use with web and mobile apps

  • Users can sign in directly with a username and password or through a third party, such as Facebook, Amazon, or Google

  • Two main components:

    • User pools: User directories that provide sign-up and sign-in options for your app users

    • Identity pools: Enable you to grant your users access to other AWS services

  • User and identity pools can be used separately or together