Limit the user access to Angular App based on session-count from keycloak

Getting advice
,
1

I am working on an Angular App which authenticates its users from a keycloak server , I am using below initialization function from keycloak service (‘keycloak-angular 8.2.0’ ).

import { KeycloakService } from 'keycloak-angular';
export function initializeKeycloak(keycloak: KeycloakService): () => Promise<boolean> {
console.log('keycloak profile will be loading...')
return () =>
    keycloak.init({
        config: {
            url: 'http://localhost:8080/auth',
            realm: 'MyRealm',
            clientId: 'uiclient',
        },
        initOptions: {
            onLoad: 'login-required',
            checkLoginIframe: true,
            checkLoginIframeInterval: 25
        },
        enableBearerInterceptor: false,
        loadUserProfileAtStartUp: true
    });
 }

I declared the same as APP Initializer in ‘app.modules.ts’

{
provide: APP_INITIALIZER,
useFactory: initializeKeycloak,
multi: true,
deps: [KeycloakService],
}

I got a requirement to restrict the users based on the current sessions, Eg: If the current session count w.r.t a client(here users with client id-‘uiclient’) is 100, restrict all further users to access the App(Login can be success but no access to any features of my App).

Initially, I planned to achieve this in my business logic, i.e., when this Angular app is initializing, I made an API call to below key cloak API that responds with current session count.

http://localhost:8080/auth/admin/realms/FUMS/clients//session-count

Based on the count, I either allow user or deny user to access the further features of my APP. But , when ever the app gets refreshed , the logic I had followed will restricts the logged in users who had already logged in. Instead of writing this logic in APP initializer I am planning to implement it once the user login gets successful. So that after every user login, I will verify the session count and disable the further features if session count > restricted count.

Since authentication is handed over to the keycloak-angular service, i am not sure who to achieve this, is there any keycloak-angular function that can be used as callback function to implement my business logic post the successful user login ?? or any other way to restrict the users of a client from key cloak ??