
sricharan61
Dec 03, 2019

How to use APM policy to grab user credentials from the HTTP header and use them to log in to an external authentication database on behalf of the user

How to use APM policy to grab user credentials from the HTTP header and use them to log in to an external authentication database on behalf of the user? I am working on a requirement where a few application servers would be generating requests to the F5-protected APM web servers and would need F5 to look at the HTTP request headers, grab the authentication credentials from them, and use them to log in to Azure AD on behalf of the application server. We are unable to use the auth code or password grant type to have the app call redirect to the Azure AD login or simply present an F5 login page to input credentials, because the app is not configured to input or respond with authentication credentials on any logon prompts. If an iRule can be used to grab the user credentials, then we want the iRule to be able to also trigger an APM policy that is configured to reach out to Azure AD for login. The iRule should present to the policy, or the policy should be able to grab, the user creds extracted from the iRule to go on and authenticate to Azure AD on behalf of the requester as per its configuration.

1 Reply

  • Have you checked out APM clientless mode?

    https://support.f5.com/csp/article/K80934060#link_06_01

     

    And you can make use of the iRule here:

    https://clouddocs.f5.com/api/irules/ACCESS__user.html

    when HTTP_REQUEST {
        set apm_username [string tolower [HTTP::username]] ;# user name from the Basic Authorization header
        set apm_password [HTTP::password]                  ;# password from the same header
    }

     

    And finally, configure AD servers on the APM and, if necessary, use SSO.

    https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-access-policy-manager-single-sign-on-concepts-configuration-14-1-0/single-sign-on-methods.html
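
The clientless-mode approach suggested in the reply, written out as a complete iRule. This is an added example, not part of the original reply and not F5's own code. It assumes the callers send HTTP Basic credentials over TLS and that the access policy on the virtual server has an authentication action that reads `session.logon.last.username` and `session.logon.last.password`.

```tcl
# Added example: clientless-mode iRule for a virtual server that has an
# APM access profile attached.
# Assumption: clients send an HTTP Basic Authorization header over TLS.
when HTTP_REQUEST {
    # Read the credentials from the Basic Authorization header.
    set apm_username [string tolower [HTTP::username]]
    set apm_password [HTTP::password]

    # No usable credentials: answer 401 instead of starting an access
    # session with empty logon values.
    if { $apm_username eq "" || $apm_password eq "" } {
        unset -nocomplain apm_username apm_password
        HTTP::respond 401 WWW-Authenticate "Basic realm=\"apm\"" Connection close
        return
    }

    # Tell APM this client cannot follow redirects or fill in a logon page.
    HTTP::header insert "clientless-mode" 1
}

when ACCESS_SESSION_STARTED {
    if { [info exists apm_username] && [info exists apm_password] } {
        # Hand the credentials to the access policy as the logon variables
        # that its authentication action reads.
        ACCESS::session data set session.logon.last.username $apm_username
        # -secure stores the password as a secure session variable.
        ACCESS::session data set -secure session.logon.last.password $apm_password

        # Do not keep the cleartext password in connection-scoped variables
        # longer than needed.
        unset -nocomplain apm_password
    }
}
```

Because the password travels in a reversible Basic header, the client-side virtual server should accept only TLS, and the iRule should never log `apm_password`.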