> For the complete documentation index, see [llms.txt](/llms.txt). # AWS Cognito Login with Embedded Wallets [AWS Cognito](https://aws.amazon.com/cognito/) is a scalable authentication service provided by Amazon Web Services that enables developers to securely manage user sign-up, sign-in, and access control. Embedded Wallets supports AWS Cognito as a service provider, allowing seamless integration between AWS Cognito's authentication capabilities and Embedded Wallets's decentralized key management infrastructure. AWS Cognito [supports a wide set of social logins](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-social-idp.html). ## Create an AWS Cognito application[​](#create-an-aws-cognito-application "Direct link to Create an AWS Cognito application") To begin the integration process, developers must first create a new AWS Cognito application using the [AWS Management Console](https://console.aws.amazon.com/). This initial setup is required before configuring the connection within Web3Auth. Once the AWS Cognito application is created, developers can proceed to add it as a custom connection in the dashboard. [Learn how to set up AWS Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-console). ## Create an AWS Cognito connection[​](#create-an-aws-cognito-connection "Direct link to Create an AWS Cognito connection") Create AWS Cognito Connection To use this feature, developers must go to the **Custom Connections** tab in the [dashboard](https://developer.metamask.io). ![Custom Connection Options](/assets/images/authentication-custom-connections-a06b9c38e016e823593b54dc20968a5e.png) Follow these steps to create a AWS Cognito connection: 1. Visit the [dashboard](https://developer.metamask.io). 2. Go to the **Custom Connections** section. 3. Click on the **Settings** icon near the **AWS Cognito** connection. 4. Enter the **Cognito Connection ID**. 5. Paste `https://cognito-idp.{REGION}.amazonaws.com/{USER_POOL_ID}/.well-known/jwks.json` as **JWKS Endpoint**. 6. Paste a sample JWT Token to auto populate the best **JWT validations** possible. 7. Select the **JWT user identifier**: `email`, `sub` or `custom`. 8. (Optional) Toggle the case sensitivity of **User Identifier**. 9. Click on **Add Custom Validations** to add validations manually. 1. Type iss as a field and `https://cognito-idp.{REGION}.amazonaws.com/{USER_POOL_ID}` as a value. 2. Next, type aud as a field and `APP_CLIENT_ID` as a value. 10. Click on the **Add Connection** button to save the settings. note Replace the `REGION`, `USER_POOL_ID`, and `APP_CLIENT_ID` with your Cognito-specific details. ![AWS Cognito Connection](/assets/images/aws-cognito-connection-4c7795cdd795a27a9e2573fa87b5bbb7.png) ## Usage[​](#usage "Direct link to Usage") Since the **AWS Cognito Connection** details are available from the dashboard, developers don't need to pass any additional parameters to the `Web3AuthProvider`. tip Follow our [quickstart](/quickstart/?product=EMBEDDED%5FWALLETS&walletAggregatorOnly=NO&framework=REACT&stepIndex=0) to set up the basic flow. ### Log in with AWS Cognito[​](#log-in-with-aws-cognito "Direct link to Log in with AWS Cognito") web3authContext.tsx ``` await connectTo(WALLET_CONNECTORS.AUTH, { authConnection: AUTH_CONNECTION.CUSTOM, authConnectionId: 'w3a-cognito-demo', extraLoginOptions: { clientId: import.meta.env.VITE_COGNITO_CLIENT_ID, domain: 'https://shahbaz-web3auth.auth.ap-south-1.amazoncognito.com', verifierIdField: 'email', response_type: 'token', scope: 'email profile openid', }, }) ```