I'm about to write a simple goAngular app for info sharing within heterogeneous cross-domain team (thus I like the idea of using a third party authentication), but I'm still struggling with it. Is it possible to use the "groups" if you use a third-party authentication, or I have to rely on "user-id's?" Who, when and how can modify the array "groups" to control access?
Would anybody be so nice and help me to draft a least expensive access management scheme, where a uniquely identified master user(s) ["google: whatever64"] could manage permissions to other users?
My question is thus wide and general as I believe it must be a mix of code, ACL-tree and database entries(keys).
I will be very grateful for any meaningful advice.
I think what you are looking for is Custom JWT. You would then need to update your JWT accordingly. Both of these processes happen outside of your GoInstant app itself. There are a couple libraries to help you out with JWT's here.