Fundementally, you will need a database to keep your user mapping.
As we're here, consider Stackoverflow - you can create an identity with stackechange, but you can also use your existing identity from google, yhaoo or facebook. This means that SO needs to keep a record of your identity in some database, and next to it what you're allowed and not allowed to do.
In many respects though, you could consider WaaD simply as a database for that matter and automatically create the user record, but keep in mind that the user will not be authenticated to your AD. you will simply be using the graph API to query based on a key and this may be done more efficiently on a dedicated database or, arguably, something like Azure table storage.
Given that you will need to query the WaaD graph API to get group membership anyway (it is not provided with the initial claim-set) you could query table storage instead.