[keycloak-user] Application/Client specific "permission" resolution ability in keycloak

Hello, Is there an ability in Keycloak to manage application/client "permissions", similar to what Shiro has using WildCardPermissions. http://shiro.apache.org/permissions.html I understand that this is very domain and application specific, but is there some generic way to manage these for specific Keycloak clients? Currently trying to implement permissions for a couple of keycloak clients in custom way; roles are stored in keycloak, the applications manages the permission mapping with the specific roles. Any pointers to the same would be very helpful. Thanks and regards, Subhro.