AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt - MCP Implementation

AWS Cognito MCP Server delivers seamless, enterprise-grade user authentication and scalable identity management, securing cloud apps with robust compliance and effortless AWS integration.

About AWS Cognito MCP Server

What is AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt?

This server acts as a bridge between your application and AWS Cognito, handling authentication workflows at scale. It provides a standardized interface for user sign-up, sign-in, password management, and more, while leveraging Cognito's enterprise-grade security features. The solution is ideal for applications requiring robust identity management without building custom auth infrastructure from scratch.

How to use AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt?

Follow these core steps:

  1. Install dependencies and build the server using Node.js 18+
  2. Configure AWS Cognito User Pool credentials in your environment
  3. Select your execution environment (Claude Desktop/Code) and apply specific setup steps
  4. Use provided API tools like sign_in, reset_password, or update_user_attributes in your workflows

Development mode includes auto-rebuild and debug tools for faster iteration.

AWS Cognito MCP Server Features

Key Features of AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt

  • End-to-end authentication lifecycle management (signup → MFA → deletion)
  • Seamless integration with both GUI (Claude Desktop) and CLI (Claude Code) tools
  • Support for TOTP-based multi-factor authentication
  • Environment-agnostic configuration via .env files
  • Production-ready error handling and token refresh mechanisms

Use cases of AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt

Best suited for:

  • Enterprise SaaS platforms needing OAuth2 compliance
  • Applications requiring audit trails through Cognito's logging
  • Multi-tenant systems leveraging Cognito groups/pools isolation
  • Hybrid environments combining web/mobile/desktop authentication
  • Regulated industries needing password policies and MFA enforcement

AWS Cognito MCP Server FAQ

FAQ from AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt

Q: Does this work with older Node.js versions?
A: No. It requires Node.js v18+ for modern security features.

Q: Can I customize authentication flows?
A: Yes, through Cognito's custom attribute support and Lambda triggers

Q: What about production deployment?
A: Deploy as a service using PM2 or cloud-run containers, and ensure environment variables are secured.

Q: How do I handle token expiration?
A: Use the refresh_session tool to automatically renew tokens before expiry

Q: Does MFA require additional setup?
A: Yes, you need to configure TOTP settings in your Cognito User Pool.
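
The refresh_session answer above depends on knowing when a token is close to expiry. The following is an added example, not code from this project: it reads the `exp`, `iss`, `token_use`, `aud` and `client_id` claims that Cognito puts in its JWTs to decide when to refresh and to confirm a token belongs to the pool and app client set in the two environment variables. The function names, the 300-second skew and the sample pool and client values are assumptions made for illustration.

```javascript
// Added example. The payload is decoded WITHOUT signature verification, so
// use the result only to schedule refreshes or spot misconfiguration, never
// to authorize a request.
function decodeJwtPayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const payload = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
  if (payload === null || typeof payload !== "object") {
    throw new Error("JWT payload is not a JSON object");
  }
  return payload;
}

// "valid": leave it alone; "refresh": inside the skew window, renew now;
// "expired": already past exp, renew before making any further call.
function tokenState(token, nowSeconds, skewSeconds = 300) {
  const { exp } = decodeJwtPayload(token);
  if (!Number.isInteger(exp)) throw new Error("missing or non-integer exp claim");
  if (nowSeconds >= exp) return "expired";
  return exp - nowSeconds <= skewSeconds ? "refresh" : "valid";
}

// True when the token was issued by the configured pool for the configured
// app client. ID tokens name the client in "aud", access tokens in "client_id".
function matchesConfiguredPool(token, userPoolId, clientId) {
  const p = decodeJwtPayload(token);
  const region = String(userPoolId).split("_")[0];
  const issuer = `https://cognito-idp.${region}.amazonaws.com/${userPoolId}`;
  const client = p.token_use === "id" ? p.aud : p.client_id;
  return p.iss === issuer && client === clientId;
}

// Constructed sample token (fake signature) so the example runs offline.
function makeSampleToken(claims) {
  const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
  return `${b64({ alg: "RS256", typ: "JWT" })}.${b64(claims)}.ZmFrZS1zaWduYXR1cmU`;
}

const POOL = "us-east-1_EXAMPLE01"; // constructed placeholder values
const CLIENT = "exampleclientid00000000000";
const sample = makeSampleToken({
  token_use: "access", client_id: CLIENT, exp: 1700003600,
  iss: `https://cognito-idp.us-east-1.amazonaws.com/${POOL}`,
});
console.log(tokenState(sample, 1700003400), matchesConfiguredPool(sample, POOL, CLIENT));
```

Any service that accepts these tokens still has to verify the signature against the user pool's published keys before trusting a claim.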

Content

AWS Cognito MCP Server

A Model Context Protocol (MCP) server implementation that connects to AWS Cognito for authentication and user management. This server provides a set of tools for user authentication flows including sign-up, sign-in, password management, and more.

Prerequisites

  • AWS account with Cognito User Pool configured
  • Node.js 18 or higher

Installation

# Clone the repository
git clone https://github.com/yourusername/mcp-server-aws-cognito.git

# Install dependencies
cd mcp-server-aws-cognito
npm install

# Build the server
npm run build

AWS Cognito Configuration

  1. Log in to your AWS Console and navigate to Amazon Cognito
  2. Create a User Pool or use an existing one
  3. Note your User Pool ID and App Client ID
  4. Set these values as environment variables or in a .env file (the .env file is needed only when you use Claude Code, not Claude Desktop):
AWS_COGNITO_USER_POOL_ID=your-user-pool-id
AWS_COGNITO_USER_POOL_CLIENT_ID=your-app-client-id

Available Tools

| Tool Name | Description | Parameters |
|---|---|---|
| sign_up | Register a new user | email: string, password: string |
| sign_up_confirm_code_from_email | Verify account with confirmation code | username: string, confirmationCode: string |
| sign_in | Authenticate a user | username: string, password: string |
| sign_out | Sign out the current user | None |
| getCurrentUser | Get the current signed-in user | None |
| reset_password_send_code | Request password reset code | username: string |
| reset_password_veryify_code | Reset password with verification code | username: string, code: string, newPassword: string |
| change_password | Change password for signed-in user | oldPassword: string, newPassword: string |
| refresh_session | Refresh the authentication tokens | None |
| update_user_attributes | Update user profile attributes | attributes: Array of {name: string, value: string} |
| delete_user | Delete the current signed-in user | None |
| resend_confirmation_code | Resend account verification code | username: string |
| verify_software_token | Verify TOTP for MFA | username: string, totpCode: string |

The Inspector will provide a URL to access debugging tools in your browser.

Using with Claude Desktop

Before starting, make sure Node.js is installed on your desktop for npx to work.

  1. Go to: Settings > Developer > Edit Config

  2. Add the following to your claude_desktop_config.json:

{
  "mcpServers": {
    "aws-cognito-mcp-server": {
      "command": "/path/to/mcp-server-aws-cognito/build/index.js",
      "env": {
        "AWS_COGNITO_USER_POOL_ID": "your-user-pool-id",
        "AWS_COGNITO_USER_POOL_CLIENT_ID": "your-app-client-id"
      }
    }
  }
}

Using with Claude Code

Claude Code is a command-line interface for Claude. To use this MCP server with Claude Code:

  1. Install Claude Code by following the instructions at Claude Code Documentation

  2. Add the MCP server to Claude Code:

claude mcp add "aws-cognito-mcp" npx tsx index.ts

  3. Verify it's been added:

claude mcp list

  4. Run Claude with your MCP server:

claude

Development

For development with auto-rebuild:

npm run watch

Debugging

Since MCP servers communicate over stdio, debugging can be challenging. Use the MCP Inspector for better visibility:

npm run inspector

Now you can use the AWS Cognito authentication tools with Claude!
