Free AWS Security Whitepaper
    Toc Consulting Logo
    Back to all tools

    CognitoApi

    Authentication and user management API based on AWS Cognito

    CognitoApi lets you build your applications without thinking about the authentication part. Based on the solid AWS Cognito service, it provides a complete REST API for user registration, login with MFA, password reset, and user management. Free for the first 50K monthly active users.

    View on GitHub

    Features

    Security

    • MFA with Google Authenticator (TOTP)
    • Password policy: 14 chars, special, upper, lower, number
    • Access/ID tokens valid 1 hour, Refresh 24 hours
    • API Key protection for testing phase

    User Management

    • User registration with email verification
    • Password reset flow with verification code
    • User profile management (GET /userinfo)
    • Complete logout functionality

    Infrastructure

    • Fully automated Terraform deployment
    • Multi-environment support (dev, staging, prod)
    • CORS pre-configured for frontend integration
    • Cost: ~$0.003 per user per month

    Installation & Usage

    Quick Start

    export AWS_PROFILE=MyAwsDevProfile
git clone https://github.com/TocConsulting/cognito-api.git
cd terraform
ENVIRONMENT=dev make plan
ENVIRONMENT=dev make apply

    API Endpoints

    EndpointDescription
    POST /v1/usersCreate a new user
    POST /v1/users/{id}/confirmConfirm new user with temp password
    POST /v1/users/{id}/confirm-mfaConfirm MFA setup
    POST /v1/loginInitial login step
    POST /v1/mfa-verifyComplete MFA verification
    POST /v1/refresh-tokenGet new tokens using refresh token
    GET /v1/userinfoGet authenticated user info
    POST /v1/forgot-passwordInitiate password reset
    POST /v1/logoutLog out user

    Deployed Resources

    ResourceCountPurpose
    API Gateway1REST API exposure
    Cognito User Pool1User management
    Lambda Functions16API backend
    Lambda Layers6Shared code
    S3 Buckets2Terraform state & MFA QR codes
    DynamoDB Table1Terraform lock
    ACM Certificate1API HTTPS

    Need Help Implementing?

    We can help you deploy and customize this tool for your specific needs, or build custom solutions.

    Contact Us