To secure your app you need to be able to do two things - know who the user is and configure which data they can access.
Authentication allows you to add signup and login to your app with Auth0 or one of the social login providers like Facebook Login. The requests to the API of your Reindex app are authenticated using tokens.
Authorization allows configuring access to your data using permissions. You can add permissions to your schema that define access to each node type on a granular level based on your data. That means you don’t need to maintain the memberships of separate groups or roles, but you can infer the permissions from your data instead. This system is flexible enough that you can also use it to add role based access control to your app when you need it.