Sure, two steps:
- Add the Role name in the manifest: General aspects - Cumulocity IoT Guides
- Annotate your endpoint with that role
@PreAuthorize("hasRole('ROLE_A')")
https://cumulocity.com/guides/microservice-sdk/java/#microservice-security
Please note that the new role will be created when the microservice is deployed in the tenant. From Administration → Roles or users you can then find this new defined role and assign it to specific users only.