When trying refresh users from Azure getting this error

PAM-CMN-5361: Failed to access Azure API: Request_BadRequest – The Request URI is not valid. Since the segment ‘Microsoft.DirectoryServices.User’ refers to a collection, this must be the last segment in the request URI. All Intermediate segments refer to a single resource and PAM-CMN-5361: Failed to access Azure API: Authorization_RequestDenied – Insufficient privileges to complete the operation…

Release : 3.4

Component : PRIVILEGED ACCESS MANAGEMENT

The Azure SAML user group refresh is meant to remove users from PAM that no longer belong to any of the groups in Azure that are integrated with PAM. It's not meant to add users. Users are added automatically by Just In Time provisioning, no need to add them with a refresh.