Hello @Shahar Reuven ,
Thanks for reaching out.
The device must be Azure AD Joined or Hybrid Azure AD Joined, because Bit-locker recovery key store on AAD under device objects also make sure Windows 10 operating system is up to date with latest release.
Hope this helps.
------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.