I was able to set up my GAE application to only allow users from our Google Domain, but I want to take this a step further. All of our users are placed into specific Google Groups based on their roles within the community. For example, Contributors would have a group called "contributors" and Users would have a group called "users", and some of these users would also be in the "contributors" group.
Is there a way to restrict who can use the application based on what Google Group they are in? Like if I only wanted people in the "contributors" group within my Domain to be able to access it? I was hoping there was a way to do this in the Admin Console within my Domain.
If not, can I query the Groups API to get a list of groups the user is in, and then use that to determine whether they can log in or to determine what content or pages they are served?
