Our SCIM server is deployed in an environment which is not exposed to public internet (SCIM APIs only accessible internally via company VPN if IPs not whitelisted). For Azure AD SCIM provisioning to work, we have whitelisted the Microsoft Azure CIDR ranges so that calls originating from these IPs will be able to access our SCIM endpoints.
We have picked the CIDR blocks to whitelist from https://learn.microsoft.com/en-us/azure/databricks/administration-guide/users-groups/scim/aad#azure-active-directory-provisioning-service-ip-range-not-accessible
But, we see that calls are made from different IPs which are not in the CIDR range documented (IPs with which calls were made by Azure AD SCIM provisioning are listed below). Due to this, provisioning is failing.