I am struggling to find a basic example using Named Credentials, Auth Provider and Connected app that will use two SF developer orgs.  I want to put the https code in the debug window to update a user record's isActive field to false.  I have the aforementioned setup but the code that I have doesn't seem to work as I am getting a 400 error along with the following error:

18:54:22:098 USER_DEBUG [11]|DEBUG|[{"errorCode":"URL_NOT_RESET","message":"Destination URL not reset. The URL returned from login must be set"}]


TRIED THIS IN DEBUG:

HttpRequest req = new HttpRequest();
req.setEndpoint('callout:Sandbox_Management/services/data/v40.0/sobjects/User/0056A000001jCnC?_HttpMethod=PATCH');
req.setMethod('POST');
Http http = new Http();
req.setHeader('Content-Type', 'application/json;charset=UTF-8');
req.setBody('{"isActive":false}');
//req.setBody('{"id" : "0056A000001jCnC", "isActive":false}');
HTTPResponse res = http.send(req);
System.debug('SENT');
System.debug(res.getBody());


Thanks for the help.