I'm working on a SAML/SCIM 2.0 integration to publish to the OIN. I developed a test app using the SCIM 2.0 Test App (Header Auth) template and submitted it for publishing, and was given access to a private instance of the app that will be published for final QA/debugging. Currently, everything works correctly on the SCIM 2.0 Test app, but when using the provided private app instance, there is an issue with deactivation and reactivation of users. Specifically, when I re-assign a user to the app who had been created and then unassigned (and successfully deactivated from the app with a PATCH request), Okta sends a GET request to my app and determines the user exists but is inactive, but instead of sending an additional PATCH to reactivate it, sends no additional request and shows this error:

When I replicate the same steps with the same user in the SCIM 2.0 test app, a PATCH is sent to the server when a user is reassigned and the user gets successfully reactivated in the app with no error.

All settings and attribute mappings are exactly the same between the two instances. Create Users, Update User Attributes, and Deactivate Users are all enabled in in both apps. In both cases, when a user has been created then deactivated, reassigning them to the app first sends a GET request which returns the user response with 'active: false'.

Why might the Okta app not be sending a PATCH request to reactivate the user in this specific case?