I'm getting a little overwhelmed with all the information available to me.
Say I have a website on which I want to authenticate users and manage their profiles for cross mobile reuse. This website works closely with Amazon AWS.
How can I achieve the following combination?
Facts that I am aware of:
Ideally I would like to use one of the Social Network Provider meta services that allow me to effortlessly add and remove login options. At the same time, I want to be able to use Amazon Cognito to link these credentials to profiles.
What are my options?
Amazon Cognito supports users logging in with Facebook, Amazon, Twitter, Digits, Google, or any OpenID Connect provider. If you want to support users logged in with another provider or with a federated provider, you can use OpenID Connect or Developer Authenticated Identities.
OpenID Connect: There are products out there that federate/broker multiple social providers and expose the federated user via OpenID Connect which have special support for Cognito including Ping Federate and Auth0 to name a couple.
Developer Authenticated Identities enables you completely control the authentication process for the user. Essentially your user logs in with your own backend (which you could use to broker social logins) and your backend makes a secure call to Amazon Cognito with an identifier that you use to uniquely identify the user to retrieve a token from Cognito. Potentially you could federate identities using this method as well. The Cognito Developer Guide has a visual showing the flow to understand the big picture and a complete guide to setting it up.
Again, Amazon Cognito already supports the most popular social providers out of the box and we have a topic for each social provider in the Amazon Cognito Developer Guide, but above is a more exhaustive list of options.