We have an application running in JBoss EAP which uses Active Directory for Auth and Role management. Our application has defined permission per page and we create new roles based on customers and assign subset of these permissions to roles. JBoss EAP login module RoleMappingLoginModule does the task of converting Role (Security Group) to these permissions so that application can get list of Permissions from JBoss. 4.4. Role Mapping LoginModule Red Hat JBoss Data Virtualization 6.3 | Red Hat Customer Portal
Eg Role = SysAdmin; Permissions: SystemConfig, CreateTenant, DeleteTenant, AddUser …
Role = TenantAdmin; Permissions: AddTenantUser, LockTenantUser, ChangeTenantUserPass…
Role = TenantUser; Permissions: ViewCustomers, ViewQuotes…
Is there an equivalent in Keycloak. I explored KC admin UI and Server and Authorization documentation and I do not see this is mentioned anywhere.