AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt - MCP Implementation

AWS Cognito MCP Server delivers seamless, enterprise-grade user authentication and scalable identity management, securing cloud apps with robust compliance and effortless AWS integration.


About AWS Cognito MCP Server

What is AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt?

This server acts as a bridge between your application and AWS Cognito, handling authentication workflows at scale. It provides a standardized interface for user sign-up, sign-in, password management, and more, while leveraging Cognito's enterprise-grade security features. The solution is ideal for applications requiring robust identity management without building custom auth infrastructure from scratch.

How to use AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt?

Follow these core steps:

  1. Install dependencies and build the server using Node.js 18+
  2. Configure AWS Cognito User Pool credentials in your environment
  3. Select your execution environment (Claude Desktop/Code) and apply specific setup steps
  4. Use provided API tools like sign_in, reset_password, or update_user_attributes in your workflows

Development mode includes auto-rebuild and debug tools for faster iteration.

AWS Cognito MCP Server Features

Key Features of AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt

  • End-to-end authentication lifecycle management (signup → MFA → deletion)
  • Seamless integration with both GUI (Claude Desktop) and CLI (Claude Code) tools
  • Support for TOTP-based multi-factor authentication
  • Environment-agnostic configuration via .env files
  • Production-ready error handling and token refresh mechanisms

Use cases of AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt

Best suited for:

  • Enterprise SaaS platforms needing OAuth2 compliance
  • Applications requiring audit trails through Cognito's logging
  • Multi-tenant systems leveraging Cognito groups/pools isolation
  • Hybrid environments combining web/mobile/desktop authentication
  • Regulated industries needing password policies and MFA enforcement

AWS Cognito MCP Server FAQ

FAQ from AWS Cognito MCP Server: Enterprise Auth & Scalable Identity Mgmt

Q: Does this work with older Node.js versions?
A: No. It requires Node.js v18+ for modern security features.

Q: Can I customize authentication flows?
A: Yes, through Cognito's custom attribute support and Lambda triggers.

Q: What about production deployment?
A: Deploy it as a service using PM2 or cloud-run containers, and ensure environment variables are secured.

Q: How do I handle token expiration?
A: Use the refresh_session tool to automatically renew tokens before expiry.

Q: Does MFA require additional setup?
A: Yes, you need to configure TOTP settings in your Cognito User Pool.

AWS Cognito MCP Server

A Model Context Protocol (MCP) server implementation that connects to AWS Cognito for authentication and user management. This server provides a set of tools for user authentication flows including sign-up, sign-in, password management, and more.

Prerequisites

  • AWS account with Cognito User Pool configured
  • Node.js 18 or higher

Installation

# Clone the repository
git clone https://github.com/yourusername/mcp-server-aws-cognito.git

# Install dependencies
cd mcp-server-aws-cognito
npm install

# Build the server
npm run build

AWS Cognito Configuration

  1. Log in to your AWS Console and navigate to Amazon Cognito
  2. Create a User Pool or use an existing one
  3. Note your User Pool ID and App Client ID
  4. Set these values as environment variables or in a .env file (you need a .env file only when you use Claude Code, not Claude Desktop):
AWS_COGNITO_USER_POOL_ID=your-user-pool-id
AWS_COGNITO_USER_POOL_CLIENT_ID=your-app-client-id
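
A preflight check for the two values set in step 4, added here as an example and not part of the project's code. It catches unedited placeholders, malformed identifiers, extra keys in the .env file, and a file mode that lets other local users read it. The function names and sample values are assumptions; the patterns are the ones the Cognito API reference gives for UserPoolId and ClientId, and the mode check assumes POSIX permission bits.

```javascript
// Added example, not the project's code. Patterns/limits: Cognito API reference.
const RULES = [
  { name: "AWS_COGNITO_USER_POOL_ID", re: /^[\w-]+_[0-9a-zA-Z]+$/, max: 55 },
  { name: "AWS_COGNITO_USER_POOL_CLIENT_ID", re: /^[\w+]+$/, max: 128 },
];

// Minimal .env reader: KEY=value lines, optional "export", optional quotes.
function parseDotEnv(text) {
  const vars = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith("#")) continue;
    const m = /^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/.exec(line);
    if (m) vars[m[1]] = m[2].replace(/^(['"])(.*)\1$/, "$2");
  }
  return vars;
}

// Returns one message per variable that is missing, still the README
// placeholder ("your-..."), or not shaped like a Cognito identifier.
function checkCognitoEnv(vars) {
  const problems = [];
  for (const { name, re, max } of RULES) {
    const v = vars[name];
    if (!v) problems.push(`${name}: not set`);
    else if (v.startsWith("your-")) problems.push(`${name}: placeholder value`);
    else if (v.length > max || !re.test(v)) problems.push(`${name}: unexpected format`);
  }
  return problems;
}

// Only the two identifiers are needed; list any other key for review.
function unexpectedKeys(vars) {
  const known = new Set(RULES.map((r) => r.name));
  return Object.keys(vars).filter((k) => !known.has(k));
}

// mode comes from fs.statSync(path).mode; true if group/others have access.
function envFileTooOpen(mode) {
  return (mode & 0o077) !== 0;
}

// Constructed sample: valid-looking pool ID, unedited placeholder, extra key.
const SAMPLE_ENV = [
  "AWS_COGNITO_USER_POOL_ID=us-east-1_EXAMPLE12",
  'AWS_COGNITO_USER_POOL_CLIENT_ID="your-app-client-id"',
  "AWS_SECRET_ACCESS_KEY=constructed-not-a-real-key",
].join("\n");
console.log(checkCognitoEnv(parseDotEnv(SAMPLE_ENV)));
```

For a real file, pass the contents of .env to parseDotEnv and the mode from fs.statSync to envFileTooOpen before starting the server.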

Available Tools

Tool Name | Description | Parameters
sign_up | Register a new user | email: string, password: string
sign_up_confirm_code_from_email | Verify account with confirmation code | username: string, confirmationCode: string
sign_in | Authenticate a user | username: string, password: string
sign_out | Sign out the current user | None
getCurrentUser | Get the current signed-in user | None
reset_password_send_code | Request password reset code | username: string
reset_password_veryify_code | Reset password with verification code | username: string, code: string, newPassword: string
change_password | Change password for signed-in user | oldPassword: string, newPassword: string
refresh_session | Refresh the authentication tokens | None
update_user_attributes | Update user profile attributes | attributes: Array of {name: string, value: string}
delete_user | Delete the current signed-in user | None
resend_confirmation_code | Resend account verification code | username: string
verify_software_token | Verify TOTP for MFA | username: string, totpCode: string

The Inspector will provide a URL to access debugging tools in your browser.

Using with Claude Desktop

Before starting, make sure Node.js is installed on your desktop for npx to work.

  1. Go to: Settings > Developer > Edit Config

  2. Add the following to your claude_desktop_config.json:

{
  "mcpServers": {
    "aws-cognito-mcp-server": {
      "command": "/path/to/mcp-server-aws-cognito/build/index.js",
      "env": {
        "AWS_COGNITO_USER_POOL_ID": "your-user-pool-id",
        "AWS_COGNITO_USER_POOL_CLIENT_ID": "your-app-client-id"
      }
    }
  }
}

Using with Claude Code

Claude Code is a command-line interface for Claude. To use this MCP server with Claude Code:

  1. Install Claude Code by following the instructions at Claude Code Documentation

  2. Add the MCP server to Claude Code:

claude mcp add "aws-cognito-mcp" npx tsx index.ts

  3. Verify it's been added:

claude mcp list

  4. Run Claude with your MCP server:

claude

Development

For development with auto-rebuild:

npm run watch

Debugging

Since MCP servers communicate over stdio, debugging can be challenging. Use the MCP Inspector for better visibility:

npm run inspector

Now you can use the AWS Cognito authentication tools with Claude!
