FIM doesn't do authentication. Instead, it does the user management and synchronization piece.
You would want to integrate with one of the directories FIM is synchronizing. If your app is within the firewall, you would typically use AD or LDAP (Kerberos-based). If your app is outside of the firewall, you would typically use Azure Active Directory or another SAML-based Identity Provider.