AWS Cognito user authentication and authorization service. Use when setting up user pools, configuring identity pools, implementing OAuth flows, managing user attributes, or integrating with social identity providers.
86
82%
Does it follow best practices?
Impact
90%
1.11x
Average score across 3 eval scenarios
Risky
Do not use without reviewing
User Pool and App Client configuration
Password min length | 100% | 100%
Password complexity | 100% | 100%
Email as username | 100% | 100%
Email auto-verified | 100% | 100%
MFA enabled | 100% | 100%
Email update verification | 100% | 100%
Client secret generated | 100% | 100%
Auth flows specified | 100% | 100%
Token validity units | 100% | 100%
Token lifetime values | 100% | 100%
OAuth code flow | 100% | 100%
OAuth scopes | 100% | 100%
SRP auth, SecretHash, and token management
SRP auth flow | 0% | 0%
Warrant library used | 0% | 0%
SecretHash HMAC-SHA256 | 100% | 100%
SecretHash in API calls | 100% | 100%
JWKS endpoint | 100% | 100%
RS256 algorithm | 100% | 100%
Audience validation | 0% | 100%
Issuer validation | 100% | 100%
Token refresh implemented | 100% | 100%
Exponential backoff | 100% | 100%
Access token for API | 30% | 0%
OAuth PKCE, M2M auth, and Identity Pool setup
PKCE code verifier | 100% | 100%
PKCE S256 challenge | 100% | 100%
PKCE in token exchange | 100% | 100%
No implicit flow | 100% | 100%
No client secret in frontend | 100% | 100%
Access token for API | 0% | 100%
M2M client credentials grant | 100% | 100%
M2M Basic auth header | 0% | 100%
ServerSideTokenCheck | 100% | 100%
Authorization code grant for SPA | 100% | 100%
5df6da7