Kibana SSO with Azure - different roles for different users

HI,
I have setup the security plugin to use basic (for internal) and OIDC for SSO in Kibana.
In kibana.xml I have put

opendistro_security.readonly_mode.roles: [“kibana_read_only”]

I want to give all_access to some users who will be admins. Rest I want to keep kibana_read_only
Even admin users will be using OIDC SSO so cannot set them up in internal_users.yml

I wanted to know if a workflow exists which would allow me to do this? If I missed going through documentation please point me to it.