[keycloak-dev] Need inputs on scenario related to Keycloak SAML Broker IDP SSO

Hi Team, In our current workflow of customer onboarding, we are provisioning customer users from their IDP (like ADFS) into Keycloak via script. As part of this process once user is created in Keycloak, the script creates IDP linking for the user and for this purpose script uses the Keycloak username field and use it in Provider User Id and Provider Username fields of IDP linking. As Keycloak stores the username in lowercase format the same value with lowercase gets reflected in the Provider User Id field (e.g. abhigokhale(a)gmail.com). The problem is if the SAML response contain Name ID with mix case (say Abhigokhale(a)gmail.com) then Keycloak displays the message that user with the same email already exist. Please note, we are using First login flow with only Create User If Unique authenticator enabled and rest as disabled. I would like to get your opinion if Keycloak shall handle this scenario as its storing the username with lowercase. Thanks & Regards, Abhijit