Can we sync a person who is logging in via Azure Active Directory and map them to a contact in Commerce? Is this possible?
Yes it's possible. It will be good if you can share more details.
If the plan is to implement or switch to Single-Sign-On (SSO) on Commerce solution, you can use ISynchronizingUserService to synchronize the cliams identity with database (Commerce Contacts). Please refer Federated security | Optimizely Developer Community (episerver.com) for the details.
Post implementation of this you can't use CMS Admin for user management (Obvious), however you can use Commerce Manager Contacts which is mapped with the accounts from Active Directory and most of the user management control will be with AD. There is feasibility for customization dependning on the business case.
The configuration & implementation should be done for both CMS/Commerce (front-end) and CommerceManager (back-end) sites.
Take a look at using UseWindowsAzureActiveDirectoryBearerAuthentication which is part of the Owin ActiveDirectory assemblies.
You can set your Azure AD Tenant against this.