Here’s what you’ll work through as part of this migration:

  1. Creating a Rownd account and setting up your test and production apps.
  2. Updating your code to leverage Rownd instead of Cognito for authentication.
  3. Migrating your existing users to Rownd.
We’ve prepared a sample repository that demonstrates the migration process from a code perspective.

Set up Rownd

  1. Sign into the Rownd Platform. If this is your first visit, an account and app will be created for you automatically.
  2. Create a new Rownd app for your product. You'll probably want to create a separate app for your test and production environments.
  3. Enable the sign-in methods that you want to support. If you already have Google or Apple sign-in enabled, you can use the same credentials in Rownd.
  4. Customize the sign-in experience to match your brand with logos and colors.

Update back-end code

You’ll need to update your backend APIs to accept Rownd-signed JWTs instead of AWS Cognito JWTs.

  1. Install the Rownd SDK for your back-end language or framework.
  2. Locate code that uses the AWS Cognito to manage users, validate tokens, and so on. Remove this code.

Our SDKs provide functions to validate Rownd tokens, fetch user data, and in some cases middleware that you can plug directly into your request handlers to authenticate users automatically.

Here’s an example using Express middleware in Node.js:

Notice the use of the authenticate middleware function from rownd.express which validates a JWT in the Authorization header and fetches profile data from Rownd, making it available on the request object for other request handlers. You can also build a middleware yourself or use one-off instances of rownd.validateToken(token) and rownd.fetchUserInfo(token).

import { createInstance } from '@rownd/node';
const rownd = createInstance({
  app_key: 'YOUR_APP_KEY',
  app_secret: 'YOUR_APP_SECRET',
const { authenticate } = rownd.express;

app.get('/api/*', authenticate({ fetchUserInfo: true }));

app.get('/api/profile', (req, res) => {
        profile: req.user

Update front-end code

  1. Install the @rownd/react dependency with your preferred package manager
npm install @rownd/react
  1. Add the <RowndProvider> to the app’s main entry.
import React from 'react',
import ReactDOM from 'react-dom';
import { RowndProvider } from '@rownd/react';
import App from './App';

    appKey="<your app key>"
    <App />
  1. Replace all sign up and sign in buttons to trigger the requestSignIn flow for new or existing users.
const { requestSignIn } = useRownd();
<button onClick={() => requestSignIn()}>Login or Sign Up</button>
  1. Replace ConfirmSignUp with is_authenticated API request
const { is_authenticated } = useRownd();
return (
    {is_authenticated && <ProtectedRoute />}
    {!is_authenticated && <PublicRoute />}
  1. Replace InitiateAuth with getAccessToken API request
const { getAccessToken } = useRownd();

let accessToken = await getAccessToken({
  waitForToken: false,
  1. Replace sign out buttons to send a signOut API request
const { signOut } = useRownd();
<button onClick={() => signout()}>Logout</button>

Sync user profiles (optional)

Export user data, then import it

  1. To do a bulk import of all users from your Cognito to Rownd see our GitHub repo to export user data and transform your user data to the correct schema

  2. Then use the following script to import your users into Rownd.

const axios = require('axios');
let data = JSON.stringify({
  "users": [
      "user_id": "__default__",
      "data": {
        "email": "romeo@gmail.com",
        "sub": "41dbf550-1031-70e1-cc01-ce0106007d33"
      "user_id": "__default__",
      "data": {
        "email": "johndoe@mailinator.com",
        "sub": "518b35f0-9081-707d-5814-54cb79d27cc6"
      "user_id": "__default__",
      "data": {
        "email": "janedoe@gmail.com",
        "sub": "910b8560-c071-70a3-09e3-ef0bd61a8168"

let config = {
  method: 'put',
  maxBodyLength: Infinity,
  url: 'https://api.rownd.io/applications/<YOUR APP ID>/users/data',
  headers: { 
    'x-rownd-app-key': '<YOUR APP KEY>', 
    'x-rownd-app-secret': '<YOUR APP SECRET>', 
    'Content-Type': 'application/json', 
  data : data

.then((response) => {
.catch((error) => {