We have successfully implemented SSO with Azure AD (SAML based).

We are also building an API that will have a connection to Azure AD to authenticate requests.  The API we are building can accept OpenID or SAML based auth.

The issue we're facing is trying to figure out how to send the authorization along with the API request.

One approach I'm investigating is using a Named Credential with a custom authentication provider (Open ID provider to Azure AD).  But I'm not sure if this is necessary since we already have SSO implemented.

The Apex code would look like this with this approach:
Http http = new Http();
HttpRequest request = new HttpRequest();
request.setEndpoint('callout:MY_API_URL/');
request.setMethod('POST');
request.setHeader('Content-Type', 'application/json;charset=UTF-8');
request.setBody(JSON.serialize(orderPayload));
HttpResponse response = http.send(request);
return response;

If this seems like a reasonable approach, please confirm.  If there's a better way to do this, please let me know. 

It seems that since we already have SSO with Azure set up, we could leverage that without configuring anything more.  But I cannot find any documentation on how to set this up (and what I would need to do in Apex code when calling the API).

New to Salesforce development.  I've spent about one day so far reviewing SF training materials.

I would like to add a button to the Opportunities highlights panel in Lightning.  When clicked, this button would call custom code (Apex class?) and then respond back with a message (Error or success).  Any tips or pointers?  I'm thinking I need to create a custom Lightning component and have it interact with the Apex class (calls external API and processes data).  Is this possible?  Any tips or examples come to mind?

We have successfully implemented SSO with Azure AD (SAML based).

We are also building an API that will have a connection to Azure AD to authenticate requests.  The API we are building can accept OpenID or SAML based auth.

The issue we're facing is trying to figure out how to send the authorization along with the API request.

One approach I'm investigating is using a Named Credential with a custom authentication provider (Open ID provider to Azure AD).  But I'm not sure if this is necessary since we already have SSO implemented.

The Apex code would look like this with this approach:
Http http = new Http();
HttpRequest request = new HttpRequest();
request.setEndpoint('callout:MY_API_URL/');
request.setMethod('POST');
request.setHeader('Content-Type', 'application/json;charset=UTF-8');
request.setBody(JSON.serialize(orderPayload));
HttpResponse response = http.send(request);
return response;

If this seems like a reasonable approach, please confirm.  If there's a better way to do this, please let me know. 

It seems that since we already have SSO with Azure set up, we could leverage that without configuring anything more.  But I cannot find any documentation on how to set this up (and what I would need to do in Apex code when calling the API).

New to Salesforce development.  I've spent about one day so far reviewing SF training materials.

I would like to add a button to the Opportunities highlights panel in Lightning.  When clicked, this button would call custom code (Apex class?) and then respond back with a message (Error or success).  Any tips or pointers?  I'm thinking I need to create a custom Lightning component and have it interact with the Apex class (calls external API and processes data).  Is this possible?  Any tips or examples come to mind?