Client (Outlook) sends a request to Exchange Online (EXO) to access the mailbox and download data.
Next, EXO requests that the client authenticate to Azure AD.
Azure informs EXO that the user's domain is federated and provides the auth URL for EXO to authenticate with the IdP, based on the root domain of the user.
For example, firstname.lastname@example.org authenticates to sts.tecism.com.
ADFS then communicates with your domain controller to authenticate the user account.
The DC successfully authenticates the user, and sends the information back to ADFS.
ADFS then sends the authenticated user token back to the client.
The user’s client (Outlook 2016, Outlook 2013, Outlook app, etc.) then goes to Azure AD with the token to authenticate and, upon successful authentication, is provided with access and refresh tokens that can be used for subsequent logins.
The client then takes those access tokens and provides them to Exchange Online so it can access the user data.
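
The realm-discovery step above (the user's root domain decides which IdP handles the sign-in) can be modelled in a few lines. This is an added example, not Microsoft's implementation and not code from the original page. The domain table, the `discover_realm` and `next_hop` helpers, the child-domain lookup and the managed (non-federated) entry shown for contrast are assumptions of the model that go beyond the single federated case in the text.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed tenant configuration. example.org -> sts.tecism.com is the
# pairing used in the text; the managed entry is made up for contrast.
VERIFIED_DOMAINS = {
    "example.org": {"kind": "Federated", "idp_host": "sts.tecism.com"},
    "cloudonly.example": {"kind": "Managed", "idp_host": None},
}

@dataclass
class Realm:
    domain: str              # verified root domain that matched
    kind: str                # "Federated", "Managed" or "Unknown"
    idp_host: Optional[str]  # host of the IdP (ADFS) for federated domains

def discover_realm(upn, domains=VERIFIED_DOMAINS):
    """Map a UPN to the realm of its root domain (hypothetical helper)."""
    local, sep, suffix = upn.strip().rpartition("@")
    if not sep or not local or not suffix:
        raise ValueError("not a UPN: %r" % upn)
    labels = suffix.lower().rstrip(".").split(".")
    # Walk from the full suffix towards the root, so that a child domain
    # such as mail.example.org resolves to the settings of example.org.
    # The bare top-level label is never tried on its own.
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in domains:
            entry = domains[candidate]
            return Realm(candidate, entry["kind"], entry["idp_host"])
    return Realm(suffix.lower(), "Unknown", None)

def next_hop(upn):
    """Say where the client is sent after realm discovery."""
    realm = discover_realm(upn)
    if realm.kind == "Federated":
        return "redirect to IdP at " + realm.idp_host
    if realm.kind == "Managed":
        return "authenticate at Azure AD directly"
    return "reject: domain not registered in the tenant"

if __name__ == "__main__":
    for upn in ("firstname.lastname@example.org", "User@Mail.Example.ORG",
                "someone@cloudonly.example", "x@unknown.test"):
        print(upn, "->", next_hop(upn))
```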