APM with Azure AD giving token ID to app authentication

Hello folks:

Please, hope you could help me with this question.

Currently, I have some applications developed in Visual Studio which are also declared in Azure AD (AAD) in order to take advantage of some sort of Federation. Thus, every user who wants to access to the apps must go to www.office.com so they can authenticate against the AAD. In order to do this, every app Visual Studio code has the Azure app ID. The AAD gives token IDs to the users wanting to access the apps. I am planning to deploy the F5 APM solution so I can centralise all those apps in the webtop due to I need to un-publish those apps from the Internet and offer them as a Portal Access with SSO. The F5 APM could become another app in the AAD, but the AAD must give token IDs to the APM portal. The token IDs given to the APM must be used by the Portal Access as its SSO. The token IDs delivery must remain the same and the APM only needs to use the tokens to perform SSO. How could I achieve this? Is there any possibility to use oAuth Bearer SSO to achieve this goal?

Any suggestion or advice is very appreciated.

Thanks

Omar.