Cognito Client Integration Guide


The USTA API uses AWS Cognito as an identity provider organized using the OAuth2 access model. Web and mobile applications interact with Cognito using https

Grant Types

Applications can use one of two OAuth2 grant types:

  • Authorization Code used for browser applications where the user authenticates as themself.

  • Client Credentials used for server-side applications where the service authenticates as the service and establishes a session.


After discussion with the USTA API team, USTA will issue credentials for the appropriate grant type to the application developers.

Important Consideration

Due to AWS Simple Email Services constraints, it is imperative that you use real email addresses for registration and forgot password testing scenarios. Emails that cannot be delivered (considered a bounce) will count against the SES bounce score. When too many bounces are received in a 24 hour period, Amazon will suspend the operation of the USTA SES instance. This notice applies to registration and forgot password scenarios.

  • Please register using a valid email

  • Please use a real email when performing forgot password