Vlog: 1Kosmos Adds Passwordless Authentication to Amazon Cognito

Huzefa Olia

Join Rob MacDonald, VP of Product Marketing, and Huzefa Olia, COO of 1Kosmos, as they unveil the exciting integration news with Amazon Cognito. Learn about the significance of 1Kosmos becoming an AWS advanced technology partner and the seamless deployment options for developers. Explore how this collaboration enhances user experience, reinforces identity management, and sets the stage for the future of secure digital identity.

Robert MacDonald:

Hi, I am Rob MacDonald, vice president of product marketing here at 1Kosmos, and today I’m joined by Huzefa, co-founder and COO of 1Kosmos. How are you doing today Huzefa?

Huzefa Olia:

I am doing great, Rob. It’s a Friday, so never better.

Robert MacDonald:

It’s Friday, you’re in New Jersey, I heard it snowed a little bit this week, I hope you’re keeping warm.

Huzefa Olia:

When you talk about snow, you’re in Canada, so I cannot talk to you about snow. We got a little bit of a sprinkling, that’s it.

Robert MacDonald:

Fair enough. All right, well listen, today, thanks for joining us, or joining me. We just made a recent announcement of a new integration partner, Amazon Cognito. So, before we talk about all the goodness of what we’re doing with Cognito, why don’t you tell me a little bit about what it is? What is Cognito?

Huzefa Olia:

So, Cognito is a single sign-on platform, an IdP provider that Amazon Web Services provides, especially if you are building your applications on the AWS platform, this is the native integration that the AWS provides out of the box. So, Cognito is widely used across applications, individual applications that may be developed and have their own ecosystems within the AWS network.

Robert MacDonald:

Cool. So, interesting. Where is AWS deployed within an organization? So, you said it’s an IdP, I think everybody that’s probably listening to these understands what an IdP is, but where do you typically find it? Because, when we think workforce in particular, there’s Okta and Microsoft and ForgeRock and Ping. Where’s Cognito, where do you find that?

Huzefa Olia:

They primarily operate in the customer identity and access management or CIAM space today. So, they have not published essentially their numbers of their deployment, but it’s pretty vastly adopted. So, any kind of a public facing application which is hosted on AWS application, and if they would not have a custom integration to be done on Okta or Microsoft, Amazon says, here you go, you can use AWS Cognito.

Robert MacDonald:

So, the primary use case for this would be a CIAM type of initiative, somebody’s put some application on AWS, and then this is the identity management portion of that application, is that what I understood?

Huzefa Olia:

Absolutely.

Robert MacDonald:

Makes sense. So, what motivated either 1Kosmos to partner with AWS or AWS to partner with 1Kosmos? How did that come to be?

Huzefa Olia:

So, identity is our motivation. We’ve made some significant deployments in the CIAM space recently. 2023 has been a great year for us in that particular sense. And our customers were essentially looking for, hey, do you have these integrations with AWS Cognito that you provide out of box? Their footprint is pretty vast, which I got to know. And that has led to us building this integration with them and providing a more out of box solution with them as well.

Robert MacDonald:

So, that’s amazing. Everybody knows AWS, everybody knows Amazon, and it’s cool to know that they’re doing this part of their business as well. So, we are now considered an AWS advanced technology partner. So, what specifically does that mean?

Huzefa Olia:

So, our integration today with AWS is around us being a strong authentication for them. Meaning, if you need to do either multifactor authentication, if you want to do passwordless, if you want to have passkeys that you can deploy on your application that is supported by AWS Cognito, here you go. We are the partner of choice that you can go to. So, it’s pretty significant because most of the applications are now being mandated from a compliance standpoint that, hey, you need to have either Strong MFA or support passwordless passkeys in your application deployment stack, and that’s where our integration with AWS Cognito becomes extremely important. I just wanted to add that we want to continue this particular integration and develop further stories, more on the other sides of pieces that we have, identity proofing and better public mentions, but that is more in the future for us.

Robert MacDonald:

So, based on what I’ve read on the Amazon Cognito site, they have more of these advanced technology partners. It looks like organizations that are aligned to that have gone through some sort of testing, is that correct? By Amazon?

Huzefa Olia:

Yeah, integration as well as testing. So, while anything that we’ve done with AWS, it goes through significant scrutiny and review. So, even this particular integration that we put together, we had to document it. The entire GitHub of this particular technical integration is available. It is referenced in a blog that is published by the AWS community that goes out to anybody, the AWS customer. You can essentially go back and look at it. There are references to the GitHub link as well and what that integration is. But, anyway, all of this was not put together by us. We provided the integration story, but it was reviewed through multiple different channels and reviews. I cannot even recall how many by AWS and published by them.

Robert MacDonald:

Well, that’s amazing. So, somebody looking at adding our technology into that stack can be pretty much rest assured that it’s been tested by Amazon to make sure that it works with their technology, and that the integration and implementation of us with Cognito would be seamless.

Huzefa Olia:

Absolutely. So, if you’re a developer, if you’re watching this, if you have AWS Cognito, feel free to look at the blog. Maybe we can reference it into the link as well when we post this. But, it’s pretty simple, straightforward. You would essentially put a custom auth plugin with 1Kosmos, and there you go. You’ll be able to provide strong MFA or passwordless authentication to your end customers.

Robert MacDonald:

Awesome. We take user experience pretty seriously here at 1Kosmos. I guess, I’m sure you would agree with me on that. Everything we do revolves around that and basically privacy. But, it’s commonly known that users will go elsewhere if it’s too hard, if what they came to do wasn’t easy. How does 1Kosmos help Cognito users provide a better experience when they’re dealing with their end users?

Huzefa Olia:

Absolutely. So, when the experience is, and I always want to highlight that there are two experiences. One is the strong MFA, because we believe in the story of you don’t have to completely take your organization from password to passwordless from day one to day two. You may have a transition period, so strong MFA becomes important. So, we have factored that experience in the entire channel where you can authenticate in Cognito, and then there’s a dialogue box that opens up, which essentially factors in what 1Kosmos provides to you, as any of the strong MFA options that you may have, push notifications, OTP, TOTP, et cetera. For our passwordless and passkeys, we provide an SDK, which again, from an end user standpoint, it seems seamless for them, where all they’re doing is entering their username, their backend API calls that we’re available, that contact 1Kosmos console or gateway that we have, and then we provide, we essentially see if this particular authentication is valid and give the signals back to AWS.

Robert MacDonald:

Listen, I think it’s amazing. So, when we look at Amazon Cognito customers, we touched on it earlier, but how easy, or a developer, how easy is it for developers to deploy 1Kosmos into a Cognito instance?

Huzefa Olia:

So, like I said, you can sign up for a 1Kosmos instance by going to a developer environment. If you have a Cognito instance, you can sign up for a free account for Cognito as well. That is available on the AWS site. There are instructions to develop a custom auth plugin. And on that particular blog we also highlight, and the GitHub repository, what are the steps that you need to essentially use to integrate AWS Cognito with 1Kosmos.

Robert MacDonald:

So, then as a follow on to that question, that obviously sounds relatively easy. How would customers acquire an instance of BlockID? So, it’s like, I like it, I installed it at work, and the testing developer did all the great work. How do I then pay for the instance that I chose?

Huzefa Olia:

We want to make the entire experience easy. So, if you’re a customer in the AWS ecosystem, we are listed on the AWS Marketplace. We have three distinct product lines that are available. So, you can choose any one of them. Most likely it will be around BlockID customer or verify. And you can sign up for the product through AWS Marketplace. You would get your instance, your license keys, et cetera, through that particular portal and you’ll be ready to go.

Robert MacDonald:

That’s cool. Listen, Huzefa, I know that you’re super busy as always, and I wanted to thank you for taking the time today to sit down and tell us about this exciting announcement that we made this week. And I wish you the best, and I hope you come back and talk to me again on a vlog soon.

Huzefa Olia:

Look forward to it, Robert. Thank you.

Robert MacDonald:

So, listen, if you want to find out more about this integration, you can check out our website. We’ve got a data sheet and a press release there that you can go take a read and learn more about this Cognito integration. And then, plus, as Huzefa mentioned earlier, there’s a Amazon Cognito blog that you can read as well. We’ll put the links to all of those down below. Thanks again everybody. We’ll see you again shortly.

 

FIDO2 Authentication with 1Kosmos
Read More
Meet the Author

Huzefa Olia

Chief Operating Officer

Huzefa Olia, Chief Operating Officer for 1Kosmos is a recognized expert in Identity & Access Management. He previously held senior management roles at global identity management services provider Simeio, cyber risk management vendor Brinqa and identity compliance management vendor Vaau (acquired by Sun).