I am not sure about your network design/architecture, but we do it with our customers like this. They have one/multiple onprem ADFS and WAP servers. And they have site-to-site (ExpressRoute) connectivity to Azure VNET, so the Azure VNET appears as their internal network. So they also have one/multiple ADFS and WAP servers in Azure. And in front of their ADFS and WAP servers they have Azure Traffic Managers (one in front of ADFS servers, one in front of WAP servers) that are used to monitor the health of the endpoints and provide automatic failover when an endpoint goes down.
Hope it helps.
