The authentication is only the first step. After it has authenticated it then is associated with a proxy account on MySQL. That proxy account should have permissions defined for whatever database.
For example, let's imagine you have several PAM accounts setup and each one is supposed to have different permissions. If the PAM account belongs to group1 and another to group2 you can associate each one of these to different internal MySQL accounts:
CREATE USER ''@''
IDENTIFIED WITH authentication_pam
AS 'mysql, group1=dev, group2=admin';
In the example above, anyone belonging that has access to group1 PAM group will be mapped to the dev user account on MySQL and those belonging to PAM group2 will be mapped to admin user account on MySQL.
Within the database the user accounts dev and admin may have different accesses to different or the same databases.
There are possible scripts you could write on UNIX/Linux which could handle this for you but there is nothing in MySQL directly. So you could create a script for adding a user. This script adds to PAM (you will probably have to signal PAM to reload the configuration) and also create a new MySQL user so that these are associated and the dedicated database). A second script could be used to remove a user, which drops the MySQL and drops the dedicated database.