Role Mapping while using Identity Provider

Is it possible to fetch/associate the role data as part of Identity Provider configuration?

Currently we have integrated our application with Keycloak, and for all user data we rely on Keycloak. There are client roles defined for our application’s client in Keycloak, and realm roles can be created using that if needed. If any of our clients have an IAM that is in use already, we will configure their IAM as an Identity Provider in Keycloak.

But the problem here is that with this we will be able to fetch user info and it gets stored in Keycloak, and any role that is to be assigned to this user is now supposed to be done in Keycloak (this is my understanding, please correct me if I’m wrong here)?

Is there a possibility where roles can be configured on the host IAM itself?

Any suggestions or a best practice solution are much appreciated.