You are building a mobile app for consumers to post cat pictures online. You will be storing the images in AWS S3. You want to run the system very cheaply and simply. Which one of these options allows you to build a photo-sharing application with the right authentication/authorization implementation?

Answer options:

A.Build the application out using AWS Cognito and web identity federation to allow users to log in using Facebook or Google Accounts. Once they are logged in, the secret token passed to that user is used to access resources on AWS, like AWS S3 directly.
B.Use JWT or SAML compliant systems to build authorization policies.Users log in with a username and password, and are given a token they can use indefinitely to make calls against the photo infrastructure.
C.Use AWS API Gateway with a constantly rotating API Key to allow access from the client-side.Construct a custom build of the SDK and include S3 access in it.
D.Create an AWS oAuth Service Domain ad grant public signup and access to the domain. During setup, add at least one major social media site as a trusted Identity Provider for users.

Answer – A
Amazon Cognito lets you easily add user sign-up and sign-in and manage permissions for your mobile and web apps. You can create your own user directory within Amazon Cognito. You can also choose to authenticate users through social identity providers such as Facebook, Twitter, or Amazon; with SAML identity solutions; or by using your own identity system. In addition, Amazon Cognito enables you to save data locally on users` devices, allowing your applications to work even when the devices are offline. You can then synchronize data across users` devices so that their app experience remains consistent regardless of the device they use.
For more information on AWS Cognito, please visit the below URL:
http://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html