I've got further with this with my customer...
They figured out how to use the REST API for M365 groups, they used PostMan to test CRUD operations...
We then translated this into SDI using HTTP Connectors.
First Connector does auth (that was the most difficult part to work out) then we construct a json package to be sent to M365 with a HTTP POST.
At the moment I have to re-work some logic to deal with nested groups in Domino as they aint supported in M365 (for non-security groups), these nested groups from Domino are being synched to AD on-prem just fine.
I'm doing this by using an LDAP Group Members connector, then using an Attribute Loop to retrieve the UUID of members from M365 using email address.
....more to come!... be happy to share my solution once I've figured it out.