The difference between AWS Amplify and amazon-cognito-identity-js?
amazon-cognito-identity-js
used to be a separate package specifically for Cognito
. Recently they've been bundling all their SDKs into Amplify
to streamline the integration process.
For instance in our iOS app the Cognito
SDK had a number of issues that were resolved by moving to Amplify
.
As you can see in the link below, this package is now maintained in the Amplify
umbrella.
https://github.com/aws-amplify/amplify-js/tree/master/packages/amazon-cognito-identity-js
It used to be standalone here:
https://github.com/amazon-archives/amazon-cognito-identity-js
I would recommend going forward with Amplify
as that is the direction that AWS development is headed internally, and amazon-cognito-identity-js
is maintained as part of Amplify
anyway.
To add to the great answer by @DaveS. There are 3 official tools you can use to integrate Cognito in your app:
Amplify
- Use it in client-side applications, where you'd use Amplify anyway - to leverage the premade auth UI components or to integrate with other services from the Amplify ecosystem: APIs, Analytics, Storage, etc.
- Does not support secret-enabled Cognito app clients.
- Cannot make authenticated (requiring AWS credentials) Cognito API calls (e.g.
adminCreateUser
) directly, but there's a workaround.
amazon-cognito-identity-js
- It is a much smaller package and it comes as a part of Amplify (hosted in the Amplify monorepo).
- It can still be used separately if you don't need any of the extra features provided by Amplify (save on the bundle size).
- Does not support secret-enabled Cognito app clients.
- Cannot make authenticated (requiring AWS credentials) Cognito API calls, e.g.
adminCreateUser
. - Can be used in the backend (unauthenticated Cognito APIs only).
AWS SDK
- Low-level as it can get.
- Provides access to all (authenticated and non-authenticated) Cognito APIs. For authenticated, make sure the code has access to AWS credentials.
- Can work with secret-enabled Cognito client apps (you need to sign the requests with the secret).
- Can be used in both client (for unauthenticated APIs only, otherwise you're exposing secrets) and server applications.
Code samples for all 3 can be found here: AWS Cognito: Amplify vs amazon-cognito-identity-js vs AWS SDK.