A managed service that handles user sign-up, login, password recovery, and identity verification so developers don't have to build these from scratch. Like hiring a security company to manage building access instead of installing your own locks and badge system.
A SaaS startup uses Amazon Cognito to add Google and Facebook login to their app, manage user accounts, and issue secure tokens — handling millions of sign-ins without writing any authentication code from scratch.
AWS Cognito, Entra External ID (Azure AD B2C), and GCP Identity Platform are purpose-built customer identity (CIAM) services for app sign-up/sign-in, social login, and token issuance. OCI IAM is primarily workforce/tenant IAM; it can support OAuth/OIDC and federation but is not as app-centric for end-user sign-up flows as the other three.