ElFitz 2 hours ago

I am curious, what do people use Cognito for? I’ve never not ended up regretting using it.

fragmede an hour ago | parent [-]

Cognito is AWS's customer's customer's user login system, so I, as a SaaS company, would use it so my users can log in to my platform. They charge per-user, so if my platform is going to have millions of users, choosing Cognito is a bad idea that will eat all my money.

However, if I only expect to have a handful of (lucrative) users, it's not the worst idea. The other reason to use Cognito is that AWS handles all the user login issues, and costs very few lines of code to use on my end. The fatal security issue is getting hacked, either the platform as a whole, e.g. S3 bucket with bad perms, or user login getting leaked and reused. While obviously no system is unhackable, the gamble is if a homegrown system is more impervious than Cognito (or someone else's, e.g. Supabase). With a large development team where the login system and overall system security aren't going to be an afterthought, I wouldn't think about using Cognito, but where both of those things are an afterthought, I'd at least consider Cognito, or some other managed system.

The ultimate problem with Cognito, though, is the vendor lock-in. (Last I checked, which was years ago) in order to migrate users out, they have to reset their password, which would cause users to bounce off your service instead of renewing their subscription.