During a Profile Push from Okta to an external System for Cross-domain Identity Management (SCIM) Server, Okta will log a failure in the System Log with a message similar to the one below:

Bad Request. Errors reported by remote server: Invalid JSON: Illegal character ((CTRL-CHAR, code 31)): only regular white space (\r, \n, \t) is allowed between tokens

Bad Request. Errors reported by remote server: Invalid JSON: Illegal character ((CTRL-CHAR, code 31)): only regular white space (\r, \n, \t) is allowed between tokens
at [Source: (String)"�\x00\x00\x00\x00\x00\x004��
�0D�|��J
��w�7��,����lBȿ�u�r�;�q��fj���:
\�$W����V%�P�T=U!��H͘*�AK�[a��܋�*d�U��i���?;iࡽ,˟5���%T�}��y<��i�a�9���=�1\x00\x00\x00��\x00��A�\x00\x00\x00"; line: 1, column: 2] fullError=�\x00\x00\x00\x00\x00\x004��
�0D�|��J
��w�7��,����lBȿ�u�r�;�q��fj���:
\�$W����V%�P�T=U!��H͘*�AK�[a��܋�*d�U��i���?;iࡽ,˟5���%T�}��y<��i�a�9���=�1\x00\x00\x00��\x00��A�\x00\x00\x00

The SCIM server will most likely not indicate any failure.

• System for Cross-domain Identity Management (SCIM) 2.0 and SCIM 1.1 Template Apps (Installed from the Okta OIN)
• Provisioning Apps (custom SAML/SWA Apps with provisioning enabled)
• Okta Classic Engine
• Okta Identity Engine (OIE)

The Okta SCIM Client does not send the HTTP Header Accept-Encoding. Any sort of compression encoding returned by the SCIM server (for example, gzip) will be treated as plain text and will not be parsed.

This is true even if the Content-Encoding header is present in the response message from the SCIM Server.

To resolve the issue, return all data from the SCIM server in plain text.