Resolve SCIM user account conflicts in Apple Business Essentials
When you first use SCIM to import users into Apple Business Essentials, Auto Merge should be disabled and all user account conflicts should be resolved manually.
Important: If Auto Merge is turned on, new accounts are merged with existing accounts in Apple Business Essentials.
If you disconnect from Azure AD and reconnect, you can choose whether to merge the Azure AD accounts. After you reconnect, check the Azure AD provisioning logs. After all the accounts are synced to Apple Business Essentials, you can choose to disable Auto Merge to avoid any account merge issues.
Disable Auto Merge
If you want a conflicting account to be connected to SCIM, start by manually resolving the conflict by disabling Auto Merge.
In Apple Business Essentials, sign in with a user that has the role of Administrator or People Manager.
Select your name at the bottom of the sidebar, select Preferences
, then select Directory Sync 
.Turn off Auto Merge.
Manually resolve account conflicts
If you want a conflicting account to be connected to SCIM, you can manually resolve the conflict.
In Apple Business Essentials, sign in with a user that has the role of Administrator or People Manager.
Select your name at the bottom of the sidebar, select Preferences
, then select Directory Sync .Select Edit next to the SCIM section, carefully read the Account Conflict message, then select Resolve.
Select the Download Conflicts button to download a list of account conflicts, then review the conflicts.
If the conflicting accounts are identical to each other in Azure AD and Apple Business Essentials, select Merge.
How conflicts can occur
Conflicts can occur in one of the following ways:
The SCIM connection was disconnected and connected back again, and an Apple Business Essentials account was imported using SCIM.
An Apple Business Essentials user account has a Person ID value and a Managed Apple ID that matches an Azure AD user name you’re attempting to import using SCIM.
The option Sync Only Assigned Users and Groups is enabled, and the following actions occur in order.
1. A user is removed from the Apple Business Manager Azure AD app.
2. The user is then deleted from Azure AD.
3. A new user is created in Azure AD with the same user name.
4. That new user is added to the Apple Business Manager Azure AD app.
