EntraId SCIM bulk upload fails

Question

I'm trying to upload SCIM data to Microsoft Entra ID (formerly Azure AD).

URL to upload the data is https://graph.microsoft.com/v1.0/servicePrincipals/{servicePrincipalId}/synchronization/jobs/{jobId}/

To simplify troubleshooting, I attempted to upload the minimal possible dataset, but the request fails every time. Here’s what I’ve tried so far:

Simple user data

{
    "schemas": ["urn:ietf:params:scim:api:messages:2.0:BulkRequest"],
    "Operations": [{
        "method": "POST",
        "path": "/users",
        "bulkId": "102",
        "data": {
            "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User",
                "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
            ],  
            "externalId": "102",
            "userName": "tuser",
            "name": {
                "formatted": "Test User",
                "familyName": "User",
                "givenName": "Test",
                "displayName": "Test User",
                "title": "Tester",
                "userType": "Employee"
            }   
        }   

    }],
    "failOnErrors": null
}

Empty operations

{
    "schemas": ["urn:ietf:params:scim:api:messages:2.0:BulkRequest"],
    "Operations": [],
    "failOnErrors": null
}

I even copy-pasted an example directly from the Microsoft documentation: https://learn.microsoft.com/en-us/graph/api/synchronization-synchronizationjob-post-bulkupload?view=graph-rest-1.0&tabs=http

However, every attempt results in the same error:

{
        "error": {
            "code": "Request_BadRequest",
            "message": "Unexpected segment DynamicPathSegment. Expected property/$value.",
            "innerError": {
                "date": "2025-02-20T16:33:17",
                "request-id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx",
                "client-request-id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
            }
        }
    }

The Content-Type header is set to application/json. If I try application/scim+json as suggested in the Microsoft example, I get an error stating that the content type should be JSON. If I send invalid JSON data, I receive an appropriate error message, so the request format appears to be recognized. Questions:

• Has anyone encountered this error before?
• Is there something wrong with my request structure or headers?
• Could this be a limitation or a known issue in Microsoft Entra ID?

Any insights or suggestions would be greatly appreciated!

Answer 1

Eventually I found what was wrong. There was a typo in URL (syncronization instead of synchronization) in my script. It didn't return 404 but that irrelevant error message instead.

I managed to get 500 error with some payload, but eventually the API seems to work With correct URL. Content-Type application/scim+json is the correct one for the right URL.