You can use Access Manager feature with wildcard channel names, however, you need to keep in mind the way it works.
Access Manager checks all permissions that match a given channel pattern (foo.*), first. If no permissions are found for a wildcard pattern match, then it looks for an explicit channel match (foo.bar). In other words, if a permission does not exist for wildcard pattern, it checks the exact channel name for the permission.
If you have a wildcard foo.* with read=true and write=true, and a foo.bar channel with read=true and write=false, publishing to foo.bar would succeed, following the wildcard permissions.
In case you have foo.* with read=true, write=false and a foo.bar with read=true, write=true, publishing to foo.bar would also result in success, following channel-specific permissions.
NOTE: If permission is granted using a wildcard (foo.*), you cannot remove a permission for an explicit channel (foo.bar) that matches that channel pattern. In other words, permissions granted for the channel pattern exist for all channels that match that pattern even if you attempt to revoke a permission for an individual channel name
In case of any questions, contact us at support@pubnub.com.