a simple group ID in the users table would be fine for your application it sounds like. you could then do like catfish said and put a check in the controller constructor or in the specific method itself.
in the future implementing another table like "permissions" or "roles" or "scopes" would allow you to create fine grain permissions inside your application. see implementations like oauth server's(https://github.com/alexbilbie/CodeIgniter-OAuth-2.0-Server)
function user_get($id)
{
$this->load->library('oauth_resource_server');
if ( ! $this->oauth_resource_server->has_scope(array('user.details', 'another.scope')))
{
// Error logic here - "access token does not have correct permission to user this API method"
}
// API code here
}
This might be more applicable down the line when you need to actually fine tune permissions or want more flexible permissions for when you create RESTful API's. For your current a case a generic check in the constructor or method will do.