I have recently integrated an Oracle Apex app to utilise Microsoft Azure Active Directory to authenticate users. The authentication sends the username from Azure and permissions are granted in an authorisation table in the Apex app.
Users email addresses are matched to a people table with a specified role. A seperate authorisation scheme sets the session to the matching role.
This was performed for a live project management application I have been developing for a client.