Hey,
I would like to clarify that i understood you correctly,
You have an on-premises AD which has all your users and the servers which are deployed in Azure.
and you would like the users from the on-premises to authenticate to Azure AD with the same credentials, and have access to the PaaS service?