Agree on using an external uuid that is not coupled to any implementation

[ojongerius]

As promised in https://github.com/freeCodeCamp/open-api/pull/177

• [x] Agree on using an external uuid that is not coupled to any implementation

@freeCodeCamp/open-api do we agree to not leak internal IDs, be it Mongo or Auth0, and use externalId, which will be portable?

[raisedadead]

I agree that we should be using the externalId as the foreign key.