What is the extra stuff that is provided compared to OIDC? I was implementing some of this stuff recently, and for my use case (who is this user? Do they have permission to use this application? Which parts of the application are they allowed to use?) OIDC seemed to cover everything, so I'm pretty curious if I missed some functionality that SAML provides.

You're putting words in their mouth by adding in SCIM.