How to connect Keycloak to a third party authentication service to get id and then get rols from KC user federation service

I have two contexts with two different authentication mechanisms

  • First one is already configured in KeyCloak by user federation that access a database to get user and roles.
  • Second one need to redirect to an external url to authenticate user throuh various methods and then redirect to an url-callback with a one use ticket-id. Once you verify that token-id you get user information like id, name but no roles. So once I back I should query the user federation service for permissions before to grant access that user.

I am not sure which would be the best way to do this.

Is there a simply way to implement this use-case with keycloak?

Thanks in advance!