Authentication through SSO

We want to only authenticate user credentials without assigning the role from keycloak but assign the role within my jmix based application. What I have noticed , we have to assign respective users role within keycloak environment in openid addon before the user can successfully load the role attributes within my jmix application. Is it possible , we can bypass the role assigned from keycloak. But the role is assigned within my jmix application just after the authentication is complete so that the user specific role management can be done within my jmix application keeping authentication-only task at keycloak side.

Hi.

Please take a look at this: OpenID Connect :: Jmix Documentation and OpenID Connect :: Jmix Documentation.
This allows you to configure mapping user from OIDC with user in application, including roles.
It looks like you need custom ClaimsRolesMapper and\or populateUserAuthorities method override.

Regards,
Ivan