Based on similar SCIM configuration patterns, potential solutions include:
Custom Authentication - Switch Authentication Type to “Custom” and use customizeRequest rule to inject headers programmatically (approach discussed here)
beforeProvisioning Rule - Add headers in a beforeProvisioning rule that manipulates the request object before it’s sent
Verify noAuthHeaders syntax - Ensure your XML structure matches the connector’s expected format for API token auth with additional headers