SCIM Provisioning and Obfuscation

I have recently updated our authentication to Azure SSO and am getting groups populated into Zscaler Admin portal via SCIM provisioning. My issue is that the groups are not tied to my users obfuscated names, so policies are not being applied. Anyone else run into this issue?

Thank you.