@Julien bastin, thanks for posting in our Q&A. Based on our official article, to manage BitLocker, the devices can be Azure AD joined or Hybrid Azure AD joined.
https://video2.skills-academy.com/en-us/mem/intune/protect/encrypt-devices#manage-bitlocker
From your description, the device we want to manage BitLocker on is joined to on-premises AD. For these devices, Hybrid Azure AD join may be more suitable. We can see more details about Hybrid Azure AD joined devices in the following article:
https://video2.skills-academy.com/en-us/azure/active-directory/devices/concept-azure-ad-join-hybrid
To configure Hybrid Azure AD join, we can choose one of the following methods, according to our domain type:
https://video2.skills-academy.com/en-us/azure/active-directory/devices/hybrid-azuread-join-managed-domains
https://video2.skills-academy.com/en-us/azure/active-directory/devices/hybrid-azuread-join-federated-domains
For your question, I think when we choose Hybrid Azure AD joined, the user can still use their on-premises domain account to access applications.
Hope it can help.