Saurabh Gandhe I bring your ideas to life!

Azure B2C VS AWS Cognito, and the winner is..


When it comes to storing personal information with following GDPR and Print Media Industry Compliances, you are looking at a very hard luck for small companies with limited resources and $ amount. You need to be secured, complaint and scalable.

I got a challenge, not just to store, but track, target and make it compliant to all. It didn’t end here, with engagement objectives and cross device, cross domain identity verification, you are looking at a big project in itself.

That’s where the Azure B2C and AWS Cognito came to rescue. Essentially, it’s a users table with logging functionality in cloud, but It’s extremely secure, scalable and likely to be compliant of everything you may need.

In Microsoft Words: A highly available, global, identity management service for consumer-facing applications that scales to hundreds of millions of identities.

The first thought is, why would you put this in cloud, of course security and compliance are the main advantages, but there are more.
Let’s keep it for another day.

Azure B2C:

Setting up B2C was pretty straightforward. Setup the tenant, import users, setup identity providers and you are done. A few more quirks in your application and you are ready to roll with collecting user information in a secured way.

It took a little toll to get the understanding of Azure AD, as am not primarily from Azure background, but it also came out ok.

AWS Cognito:

The AWS UI is fast, easy to understand for sure, but I maybe biased on it.

It was about the same setup experience with AWS Cognito.

So for not much coding involved. I was ready to provide User Profile management features on my new Angular Application, with option to connect with Facebook, Google and Amazon. Yes, login with Amazon account on your website. You also have the option to provide Multi Factor Authentication using Email and SMS. Although it’s considered advanced security and is charged extra.

Surprisingly, both have same pricing for basic usage, although AWS seems pretty expensive for Advanced Security controls, but Microsoft would go about the same. I didn’t dig deep in MFA, as I didn’t plan to offer that initially.

They both come with 50K Free tiered active users followed by $0.0055 for another 50K and $0.0046 for next 900K.

It’s pretty catchy to attract small business to use it and you SHOULD.

Wait, there’s more!

So far so good, but the magic is in the next step.

Once you are done with these users, It was very easy to integrate the User Pools in AWS to another service from AWS called AWS SNS. And to my surprise, I got to AWS Pinpoint, that could set me up with all the Marketing Campaigns for the Users I have. It may not be as feature rich as Pardot, but definitely worth considering.

I had hard time finding the same service in Azure, even though I think both have almost same offerings when it comes to cloud.

With AWS Pinpoint, AWS SNS and AWS Amplify you are pretty much getting a basic marketing platform, not just identity management.

It’s not all free, but the tools were so tightly integrated, AWS was coming as a clear winner.

Here is a nice comparison of different services:

Azure B2C VS AWS Cognito:

Hands On with Azure B2C:

Hands On with AWS Cognito:

Update: Dec 4 2019. Looks like AWS cognito doesn’t have Linkedin as an out of box identity provider. I changed list to Google, Facebook and Amazon for AWS.

By Saurabh
Saurabh Gandhe I bring your ideas to life!

Contact Hands-on DevOps with Azure/AWS Experience

Recent Posts