[keycloak-user] Keycloak Authorizaion with SaaS

Hi Guys, Just wondering if it's possible to do any implement any keycloak authorization controls for a SaaS app scenario where we don't have the ability to modify the application? e.g. We want to allow or deny access to an application based on role but no code can be added to the app.