Cognito uses both cognitoId and sub to identify a user. This project from the official awslabs uses the cognitoId as primary key in the database tables to link data to a user object, but the documentation about sub clearly states: sub : the UUID of the authenticated user. This is not the same as username .
What are the benefits of Amazon Cognito?
Amazon Cognito lets you easily add user sign-up and authentication to your mobile and web apps. Amazon Cognito also enables you to authenticate users through an external identity provider and provides temporary security credentials to access your apps backend resources in AWS or any service behind Amazon API Gateway.
What is the difference between Cognito and IAM?
Developers describe Amazon Cognito as “Securely manage and synchronize app data for your users across their mobile devices”. On the other hand, AWS IAM is detailed as “Securely control access to AWS services and resources for your users”. AWS Identity and Access Management.
How do you invalidate a Cognito session?
Calling the LogOut endpoint will invalidate any session you had with the Hosted UI/ Oauth endpoints. Another option is to call globalSignOut  and this will invalidate all of the users Access and Refresh tokens (being used against the Cognito API).
Is AWS Cognito any good?
Amazon Cognito can be a great service. Its secure, cheap, and easy to use right out of the gate. If youre setting up a new prototype application, it might be a great choice. It will enable you to quickly focus on value-producing application features and give you the peace of mind of a secure authentication system.
What is the Cognito?
Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps. Your users can sign in directly with a user name and password, or through a third party such as Facebook, Amazon, Google or Apple. The two main components of Amazon Cognito are user pools and identity pools.