Proxy API to protect internal services

I am going to instal Kong service in our own environment , but i just wanted to understand if we can achive bellow

exampl, we have some MAP service like this : 9966 9967

Now we want, instead of user (pubic) connecting directly to those port and abuse our map, we want they will send us Access Token, when that Access token will be validated by Kong, then Kong willl divert those call to our internal service to provide map ( Revese proxy type)

exaple mapbox access token.

will i be able to achieve this kind of scnerio ?
Please let me know