Hi Guru,
In short: yes. You would use the SAML module in the Mendix app store to achieve the SSO functionality you need. In that module, you can configure both authentication and authorization. For Authorization, you can configure a microflow to read any assertions provided in the SAML message, and then use that information to configure your user with the correct Mendix user roles. The authorization check runs for each user login, so you can continue to maintain this data in your external system.