← Back to Recipes

How to replace Keycloak with Amazon Cognito

Don’t leave apps — or your customers — behind when moving your data center to the cloud. Move any app over to Amazon Cognito without refactoring instead.

Read the docsTry this in Maverics

  • Save months (or years) of refactoring non-standard legacy apps
  • Shift apps to a cloud IDP in minutes with zero downtime and no technical debt
  • Improve security without taking on massive increases in per-user costs
Ingredients
Amazon Cognito
Keycloak
Migration

Stop refactoring Keycloak apps. Try this instead.

Setup details

Just add your ingredients and deploy.

What the user sees

Your customers don’t care what identity provider you use to authenticate them — they care that it works. Use Identity Orchestration to make sure everything works perfectly every time.

  • Familiar login. Customers head to the same screen and start the app authentication flow.
  • Invisible redirection. Behind the scenes, Maverics evaluates the app policy in config and directs your customers to Amazon Cognito.
  • Quick, smooth passkey authentication. The customer enters their details, gets authenticated and logs in. Everything in the app looks the same as before.

What the admin does

Switching to a modern IDP stopped being optional when modern standards emerged and data centers moved to the cloud. Use Identity Orchestration to make your IDP shift as quick and painless as possible.

  • Prepare your work surface. Define the upstream application and the port Maverics will use to communicate with the app.
  • Set the rules. Define the basic policy that enforces authentication to Amazon Cognito and define how Maverics will provide context to the upstream application.
  • Configure. Set Maverics up as an authentication gateway and give it the right permissions to direct users correctly.

Solve more modernization challenges with ready-to-deploy recipes

Step-up
1Kosmos
PMFA
MFA
How to add 1Kosmos passwordless step-up authentication and user registration

Quickly protect any resource with Passwordless MFA (PMFA) and register new users without disruption to the access workflow.
OAM
Azure AD
Migration
How to move from OAM to Azure AD

Oracle Access Manager is challenging to maintain and provides limited app protection possibilities. Use this recipe to replace it with Azure AD without refactoring your apps.
OAM
Okta
Migration
How to move from OAM to Okta

Oracle Access Manager is challenging to maintain and provides limited app protection possibilities. Use this recipe to replace it with Okta without refactoring your apps.

View all recipes

Ready to cook up your perfect identity modernization solution?

Stop juggling disparate identity services. Unleash the power of Strata’s orchestration recipes.
Whether you’re dealing with legacy app modernization or controlling multi-cloud access, Orchestration Recipes have got you covered.

Read the docsTry this in Maverics