If your server is on Cornell network, you can get a holdingID for your application from your unit's OU admin. Then using that holdingID to query group membership from AD. If you don’t know who your OU admins are, you can find them from https://manage.ad.cornell.edu/info/ouadmins.html
Servers in AWS should search against ldaps://awsquery.ad.cornell.edu:636
Servers on premise should search against ldaps://query.ad.cornell.edu:636
If your server is off campus, please follow the instruction https://it.cornell.edu/cornellad/active-directory-lightweight-directory-service-ad-lds
Searching group membership in AD uses LDAP. Depending on what programming language you use, you can find lots of examples online.