Drupal is a registered trademark of Dries Buytaert
drupal 11.3.7 Update released for Drupal core (11.3.7)! drupal 11.2.11 Update released for Drupal core (11.2.11)! drupal 10.6.7 Update released for Drupal core (10.6.7)! drupal 10.5.9 Update released for Drupal core (10.5.9)! cms 2.1.1 Update released for Drupal core (2.1.1)! drupal 11.3.6 Update released for Drupal core (11.3.6)! drupal 10.6.6 Update released for Drupal core (10.6.6)! cms 2.1.0 Update released for Drupal core (2.1.0)! bootstrap 8.x-3.40 Minor update available for theme bootstrap (8.x-3.40). menu_link_attributes 8.x-1.7 Minor update available for module menu_link_attributes (8.x-1.7). eca 3.1.1 Minor update available for module eca (3.1.1). layout_paragraphs 2.1.3 Minor update available for module layout_paragraphs (2.1.3). ai 1.3.3 Minor update available for module ai (1.3.3). ai 1.2.14 Minor update available for module ai (1.2.14). node_revision_delete 2.0.3 Minor update available for module node_revision_delete (2.0.3). moderated_content_bulk_publish 2.0.52 Minor update available for module moderated_content_bulk_publish (2.0.52). klaro 3.0.10 Minor update available for module klaro (3.0.10). klaro 3.0.9 Minor update available for module klaro (3.0.9). layout_paragraphs 2.1.2 Minor update available for module layout_paragraphs (2.1.2). geofield_map 11.1.8 Minor update available for module geofield_map (11.1.8).
← All modules

cognito

36 sites Security covered
View on drupal.org

Provides an integration against Amazon Cognito. When this module is enabled, all user authentication flows are handled through Cognito, including User Registration, User Login and Password Reset.

Why use this module?

Federated Login

You can provide federated login between multiple systems, you may have a mobile app, another web app or other Drupal instances, all communicating with the same User Pool.

Access to AWS Resources

When you authenticate through Cognito, the token can be used to access other AWS resources. We need to do some work to expose this information but it's a use case that is attractive and will be solved. E.g. if you were using API gateway, your Drupal login could be used to control access to those API endpoints.

Logging in with other identity providers

The best way to achieve this currently is to install OpenID Connect and assign a domain to your User Pool. This way, you'll use the AWS hosted login form which can handle signing users in with Facebook/Google/SAML and your own User Pool which this module will be registering users into directly.

Setup

Currently the module only supports a "Email" Cognito flow process, which basically means email is used for the unique identifier. You must set this when you create your User Pool, it cannot be changed later. In the future support for a "Username" flow will also be added.

Here are the relevant configuration details that are required.

$settings['cognito'] = [
  'region' => 'us-east-2',
  'credentials' => [
    'key' => '',
    'secret' => '',
  ],
  'user_pool_id' => 'us-east-2_XXXXXXX',
  'client_id' => '',
];

Activity

Total releases
1
First release
Nov 2025
Latest release
5 months ago
Release cadence
Stability
100% stable

Releases

Version Type Release date
2.2.0 Stable Nov 12, 2025