Authenticate users against Azure Active Directory from PHP web application -

i have website in php , want authentificate users against azure active directory. ldap_connect , bind have no problems local ad-server in our company.

function checkadaccount($username, $password) {     $adserver = "myadserver";     $ldaprdn = 'mydomain' . "\\" . $username;      $ldap = ldap_connect($adserver);      ldap_set_option($ldap, ldap_opt_protocol_version, 3);     ldap_set_option($ldap, ldap_opt_referrals, 0);      $bind = @ldap_bind($ldap, $ldaprdn, $password);      if ($bind) {         @ldap_close($ldap); // verbindung schließen         return true;     } else {         return false;     } } 

but application hosted @ amazon web services (aws) , not in same domain, can't use way. ldap_connect , bind functions local ad-server in our company. application hosted @ amazon web services (aws) , not in same domain, can't use way.
tested graphapi clientid , key company azure. can read users-data, don't see possibility check user/password combination. want check, if there exists user password, don't need read there.
tried modify ldap-solution above changing parameter of adserver , of user
$ldaprdn = 'samaccountname=' . $username . ',cn=users' . ',dc=mydomain,dc=com';

but allwaws get: "warning: ldap_bind(): unable bind server: can't contact ldap server ". tried multiple versions adserver delievers binding.
have idea error. suggest ldap_connect wron way, espacially don't know server-adress right 1 , how had tell clientid , key.

currently, azure ad doesn't support ldap connection. provides oauth2 authentication , authorization. can refer authentication scenarios azure ad detailed azure ad scenarios.

for requirement authenticate users in domain, can leverage code sample implement authentication via azure ad.

otherwise, can follow authorization code grant flow build custom code authenticate users.

any further concern, please feel free let me know.