Drupal is a registered trademark of Dries Buytaert
Protected Pages 3.0.0 Major update available for module protected_pages (3.0.0). Commerce Core 3.3.8 Minor update available for module commerce (3.3.8). Layout Builder Reorder 2.0.1 Minor update available for module layout_builder_reorder (2.0.1). Ban 1.1.0 Minor update available for module ban (1.1.0). Field Formatter Range 2.0.0 Major update available for module field_formatter_range (2.0.0). Field Formatter Range 8.x-1.8 Minor update available for module field_formatter_range (8.x-1.8). UI Patterns (SDC in Drupal UI) 2.0.18 Minor update available for module ui_patterns (2.0.18). Varbase FAQs 9.2.1 Minor update available for module varbase_faqs (9.2.1). Search API Solr 4.3.11 Module search_api_solr updated after 14 months of inactivity (4.3.11). Provus Mega Menu Module provus_mega_menu crossed 1,000 active installs.

Cognito

38 sites Security covered
View on drupal.org

This module provides integration with Amazon Cognito, centralizing user authentication, registration, and password reset through Cognito. It enables federated login across multiple applications and allows authenticated tokens to access other AWS resources.

Provides an integration against Amazon Cognito. When this module is enabled, all user authentication flows are handled through Cognito, including User Registration, User Login and Password Reset.

Why use this module?

Federated Login

You can provide federated login between multiple systems, you may have a mobile app, another web app or other Drupal instances, all communicating with the same User Pool.

Access to AWS Resources

When you authenticate through Cognito, the token can be used to access other AWS resources. We need to do some work to expose this information but it's a use case that is attractive and will be solved. E.g. if you were using API gateway, your Drupal login could be used to control access to those API endpoints.

Logging in with other identity providers

The best way to achieve this currently is to install OpenID Connect and assign a domain to your User Pool. This way, you'll use the AWS hosted login form which can handle signing users in with Facebook/Google/SAML and your own User Pool which this module will be registering users into directly.

Setup

Currently the module only supports a "Email" Cognito flow process, which basically means email is used for the unique identifier. You must set this when you create your User Pool, it cannot be changed later. In the future support for a "Username" flow will also be added.

Here are the relevant configuration details that are required.

$settings['cognito'] = [
  'region' => 'us-east-2',
  'credentials' => [
    'key' => '',
    'secret' => '',
  ],
  'user_pool_id' => 'us-east-2_XXXXXXX',
  'client_id' => '',
];

Activity

Total releases
1
First release
Nov 2025
Latest release
8 months ago
Releases (12 mo)
1 ▲ from 0
Maintenance
Slowing

Releases

Version Type Release date
2.2.0 Stable Nov 12, 2025