[keycloak-user] Users/Groups access restrictions

Hi Keycloak peoples! I'm slowly introduce keycloak in production environnement, but I still do not Know how to restric permissions to users or groups. To picture my words, I have 3 Applications A,B and C All company people can access to the application A For the application B I want prohibit access to non-admin group member. So when a non-admin clic on OIDC button to login in app an redirect to keycloak, I wan't a message like "you don't have permissions". And for the application C all people can access except Bob because he have broken twice this application :-) It's posisble to do it?