Visual Guard 2019 R2 will add the support for oAuth2 and SAML 2.0 to PB applications. As Marco mentioned, the latter allows to manage both Authentications and Authorizations, so I guess it depends on your security requirements.
As for ADFS, you can reuse Windows Accounts defined in Active Directory (AD) to authenticate users accessing your application(s), no matter they are defined in a single or several ADs (Identity Federation) located in the same network or not.
You will need to integrate Visual Guard with your PB app - add a couple libraries and instantiate its engine - and VG will do the rest - i.e. you don't have to write code to make your App SAML or oAuth compliant.
That works also with non-PB code (.Net, Java, Angular...).
ADFS is actually built upon Active Directory. You can communicate with AD directly / indirectly (see my Elevate 2018 presentation) in your PowerBuilder or PowerServer apps as one solution or utilize ADFS via REST and oAuth2, as follows: