Connecting Confluence to Azure for Single Sign-On (SSO)?

Murad_Momani
March 28, 2020

Hello,

I have a Confluence on-prem installation with two user directory types: the first is Confluence internal storage for group 'A', and the second is on-prem Active Directory for group 'B'.

I want the users in group 'B', who use the on-prem Active Directory for authentication, to start using SSO and authenticating against Azure Active Directory. Azure sends the email as the user ID, but the user ID in the on-prem Active Directory is different (something like user1, user500 and so on). What should I do if I want to get this done and connect my Confluence group 'B' users to use Azure as an identity provider with their emails rather than the 'user1, user500' IDs?

Note that when I connect Confluence to Azure and try to log in, it says "User is not available in Confluence. Please contact your Confluence admin."

My second question is: when connecting Confluence to my Azure AD, is the normal thing to do to disconnect Confluence from the on-prem Active Directory, as there is no need for it? Is that right, and should this not cause problems?

Regards.

1 answer

1 vote
Ed Letifov _TechTime - New Zealand_
March 28, 2020

If you want to retain the ability to authenticate with a password against your internal AD directory and/or your server is not actually moving to the cloud, i.e. the connection to the on-prem AD could remain, you can just change the username attribute in your on-prem user directory schema setting to load "mail" rather than sAMAccountName (or, more correctly, userPrincipalName, assuming all users in your AD have it).

Confluence AD integration should handle this as a mass rename of users. Do test it first! And make backups! Immediately after the sync your users should be able to log in with their email and AD password.

Azure-AD (if it has it for the user!) can easily send sAMAccountName as the user attribute. If Azure-AD is created as a sync from your local AD, it will have it (look for onPremisesSamAccountName?). However, if you have any users in your Azure-AD that are not coming from your on-prem AD, then using email, or more correctly userPrincipalName, is indeed better.

If your server is in fact getting disconnected from your on-prem AD, or your on-prem user directory is not of the delegating-authentication type but a "Connector", i.e. one that synchronises with AD regularly, you need to move (or rather, copy) your users out first, probably to the Internal Directory. You can use Bulk User Actions from our UserManagement for Confluence, even on an evaluation license for a one-off migration (do consider leaving a review on Marketplace, please!)

To rename the users in bulk (unfortunately we don't yet support this in UserManagement) you can also write a script and run it with Adaptavist ScriptRunner. Feel free to reach out to our support via our website (the email is at the bottom, so is a web chat) if you want a sample script shared.

Out of curiosity, what SAML SSO app are you using to connect your Confluence to Azure-AD? For full disclosure, we are the makers of EasySSO for Confluence, the SSO app that gives you 5 different authenticators, including SAML.
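As an added pre-migration check (example code written for this thread, not from the answer above or from any TechTime product), the script below models the mismatch in the question: the SSO claim Azure sends (email or UPN) is looked up as a Confluence username, so a directory whose usernames are sAMAccountNames ("user1") yields no match and the "User is not available" error, while a planned rename to the mail/UPN attribute must first be checked for users lacking that attribute and for case-insensitive collisions. The AD export is constructed sample data, and the case-insensitive username comparison is an assumption about the target directory.

```python
# Constructed sample export of the on-prem AD users in group 'B' (not real data).
# Attributes are the ones discussed in the thread: sAMAccountName, userPrincipalName, mail.
ON_PREM_USERS = [
    {"sAMAccountName": "user1",   "userPrincipalName": "alice@corp.example", "mail": "alice@corp.example"},
    {"sAMAccountName": "user500", "userPrincipalName": "bob@corp.example",   "mail": "Bob@corp.example"},
    {"sAMAccountName": "user7",   "userPrincipalName": "",                   "mail": ""},  # no UPN/mail set
    {"sAMAccountName": "user8",   "userPrincipalName": "ALICE@corp.example", "mail": "alice2@corp.example"},
]


def resolve_sso_user(claim_value, usernames):
    """Mimic the SSO login step: the IdP claim (e.g. the user's email) must equal an
    existing Confluence username. Returns the matching username or None.
    Assumption: usernames are compared case-insensitively, as in the target directory."""
    wanted = claim_value.strip().lower()
    for name in usernames:
        if name.lower() == wanted:
            return name
    return None


def plan_rename(users, attribute="userPrincipalName"):
    """Plan the mass rename from sAMAccountName to the chosen attribute.

    Returns (renames, problems): renames maps old username -> new username;
    problems lists (old username, reason) for accounts that must be fixed in AD
    before the directory schema setting is changed, otherwise the sync would
    either drop the user or merge two identities into one account."""
    renames, seen, problems = {}, {}, []
    for u in users:
        old = u["sAMAccountName"]
        new = (u.get(attribute) or "").strip()
        if not new:
            # Without the attribute there is nothing for the SSO claim to match.
            problems.append((old, f"no {attribute} set; SSO by email cannot match this account"))
            continue
        key = new.lower()
        if key in seen:
            # Two AD accounts would collapse into one Confluence username.
            problems.append((old, f"{attribute} {new!r} already maps to {seen[key]!r}"))
            continue
        seen[key] = old
        renames[old] = new
    return renames, problems


if __name__ == "__main__":
    before = [u["sAMAccountName"] for u in ON_PREM_USERS]
    print("claim before rename ->", resolve_sso_user("alice@corp.example", before))  # None
    renames, problems = plan_rename(ON_PREM_USERS)
    print("renames:", renames)
    for old, why in problems:
        print(f"fix before sync: {old}: {why}")
    print("claim after rename ->", resolve_sso_user("Alice@corp.example", renames.values()))
```

Run the same plan with `attribute="mail"` to compare the two candidate attributes before deciding which one the directory schema should load.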
