Authenticate orchestrator api using azure ad (SSO) on prem

Hello all,
I need a help to authenticate orchestrator api, but the orchestrator web site(interface) is being authenticated by azure AD (SSO), there is an application registration that we used to authenticate it via web.
Whereas I need to use the api and I already tried to take the bearer token generated from azure (using the app resgistration informations) to use on orchestrator api endpoints for exemple: https://{orches url}/odata/robots… but the token was not valid.

Also I tried to authenticate the api adding an external account on orchestrator management taking the app id end secret and scope, I was able to generate a token bearer, but the token was not valid to authenticate it. The message is awalys the same: You are not authenticated.

OBS: when I enter on orchestrator web authenticating by sso and I open another tab to access orchestrator api on swagger page, I’m able to do any call on the api, but using postman for example the authentication does not happen.

I just need to call and use the api authenticated by sso to do my tasks without orchestrator interface…

Someone could help on this?