Architecting Multi-Tenant SaaS: Beyond the 1,000 User Pool Limit in Amazon Cognito

The "One Pool Per Tenant" Wall If you've ever built a multi-tenant SaaS on AWS, you've likely reached for Amazon Cognito. It’s the logical choice: managed, secure, and integrates deeply with the AWS ecosystem. But as your platform grows from 10 to 100 to 500 tenants, you hit a hard, non-negotiable ceiling: The 1,000 User Pool Limit. For many developers, this is the moment of panic. Do you request a quota increase (which is rarely granted for this specific limit)? Do you migrate to Auth0 and watch your margins disappear? Or do you re-architect? In this deep dive, we’re going to explore how to break past the 1,000-pool barrier by moving from a "Siloed" identity model to a "Shared" or "Hybrid" architecture. We’ll look at production-ready patterns using Node.js and Python, and how to maintain strict tenant isolation without the infrastructure bloat. Why the Siloed Model Fails at Scale The "One User Pool Per Tenant" (Siloed) approach is often the first choice because it offers the cleanest