0

I'm about to write a simple goAngular app for info sharing within heterogeneous cross-domain team (thus I like the idea of ​​using a third party authentication), but I'm still struggling with it. Is it possible to use the "groups" if you use a third-party authentication, or I have to rely on "user-id's?" Who, when and how can modify the array "groups" to control access?

Would anybody be so nice and help me to draft a least expensive access management scheme, where a uniquely identified master user(s) ["google: whatever64"] could manage permissions to other users?

My question is thus wide and general as I believe it must be a mix of code, ACL-tree and database entries(keys).
I will be very grateful for any meaningful advice.

Skiper Skiprovic
  • 361
  • 3
  • 6
  • Unfortunately at the moment you can't restrict access by provider and there's also no way to dynamically change permissions. This has been identified as a potential roadmap feature, we are currently discussing implementations internally. – GoInstant Support Jun 03 '14 at 13:45
  • Thank you for the response but it wasn't my point. I'm just struggling to make a master user, that can enrich and manage other .users models (mainly groups). Simply is there any chance how to programmatically say user **google:101283782381919262411** belongs to **Admin** group? – Skiper Skiprovic Jun 03 '14 at 19:44

1 Answers1

2

I think what you are looking for is Custom JWT. You would then need to update your JWT accordingly. Both of these processes happen outside of your GoInstant app itself. There are a couple libraries to help you out with JWT's here.

bendecoste
  • 778
  • 6
  • 13
  • Thank you for your comment. This confirms my belief that [groups] is applicable only for users who are identified by my own domain (custom JWT) and not by a third (public) party like FB or Google. – Skiper Skiprovic Jun 05 '14 at 07:46