Thank you all for the discussion and your suggestions. The solutions @tadamichi @vv181 and @NotATether provided are exactly the thing I was looking for.
One final thing about grouping
If I go with bitcoin:bitcoin and add every user who needs access to the .cookie file to the bitcoin group there is the potential that I give them all access to all other files only by falsely setting a group permission of a file. With a dedicated bitcoin:btcCookie group for the .cookie file there is an additional layer of protection - since the other files would still be owned by bitcoin:bitcoin only. I would have to mess up group ownership AND file permissions. Maybe a bit overkill, I know but hey, why not
One final thing about grouping
And I don't think you need a separate bitcoin group. You just need bitcoin:bitcoin, and only assign the .cookie file as group readable, with the above command.
If I go with bitcoin:bitcoin and add every user who needs access to the .cookie file to the bitcoin group there is the potential that I give them all access to all other files only by falsely setting a group permission of a file. With a dedicated bitcoin:btcCookie group for the .cookie file there is an additional layer of protection - since the other files would still be owned by bitcoin:bitcoin only. I would have to mess up group ownership AND file permissions. Maybe a bit overkill, I know but hey, why not