allow updates of aboutme using an Application token.
It is impossible to update user properties such as aboutMe, skills and schools for anyone but the logged in user.
Using an Application token with Directory.ReadWrite.All and User.ReadWrite.All permissions fails with a 403 and a message ""Either scp or roles claim need to be present in the token."
Attempting the update with a delegated token with User.ReadWrite, User.ReadWrite.All, Directory.ReadWrite.All and Directory.AccessAsUser.All permissions results in a 500 error with a "Attempted to perform an unauthorized operation." message.
These are pure Office 365 accounts with no on prem element.
Users are suggesting this for few years now and Microsoft is still marking this as OUT OF SCOPE. This is a joke. Why then introduce field that can not be updated? Clearly it is in the example, but in the RL it does not for for this specific filed.
In the part Request body is the first field in the list of what can be updated.