Hello,
I'm investigating using Keycloak as an Identity Broker to connect to some
SAML IdPs. I'm running into a problem where the SAML IdP is returning a
response to Keycloak that somehow contains a unique Provider User ID and
Provider Username with each login, even when the same identity logs in
multiple times. This results in a duplicate key error for Keycloak, since
Keycloak expects a single identity to have a single Provider User ID, not a
new one with each login.
I'm using Keycloak 5.0.0.
This is an example of the Provider User ID and the Provider Username that
Keycloak is seeing from the SAML response:
_0663be72e9e02b5d40f320b3a42ec757d6b842539f
I have verified that my SAML response is using a NameID Policy Format of
"Persistent", and that the NameID returned by the SAML response is based on
a consistent ID that wouldn't change for the same account.
Does anyone have experience with this? I'm at a loss as to how to proceed
to get this integration working correctly.
TYIA for your help!
-Joel
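An added example (not from the original post, nor Keycloak's own code) showing how to check, from raw SAML Responses captured across several logins of the same account, which NameID Format the IdP actually sends and whether the value stays the same. The two sample responses are constructed and stripped down to the Subject; the helper `_response` is hypothetical.

```python
# Added example: inspect the Subject NameID returned by a SAML IdP across
# repeated logins and flag identifiers that change. Standard library only.
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
TRANSIENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"


def extract_name_id(response_xml: str) -> tuple[str, str]:
    """Return (Format, value) of the Subject NameID inside a SAML Response."""
    root = ET.fromstring(response_xml)
    name_id = root.find("./saml:Assertion/saml:Subject/saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        raise ValueError("no Subject NameID in response")
    # A NameID without a Format attribute is 'unspecified' per SAML 2.0 core.
    return name_id.get("Format", UNSPECIFIED), name_id.text.strip()


def check_stable_identifier(responses: list[str]) -> dict:
    """Summarise NameIDs from repeated logins of one user.
    'stable' is True only when every response carries the same value."""
    seen = [extract_name_id(r) for r in responses]
    formats = {f for f, _ in seen}
    values = {v for _, v in seen}
    return {
        "formats": sorted(formats),
        "distinct_values": len(values),
        "stable": len(values) == 1,
        # Transient format legitimately yields a fresh value per login.
        "uses_transient": TRANSIENT in formats,
        # Persistent format yet a new value per login is the broker-breaking case.
        "persistent_but_changing": PERSISTENT in formats and len(values) > 1,
    }


def _response(fmt: str, value: str) -> str:
    # Constructed minimal response; a real one also carries Issuer, Conditions,
    # AuthnStatement and a Signature, none of which matter for this check.
    return (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0">'
        '<saml:Assertion ID="_a1" Version="2.0"><saml:Subject>'
        f'<saml:NameID Format="{fmt}">{value}</saml:NameID>'
        '</saml:Subject></saml:Assertion></samlp:Response>'
    )


# Constructed sample logins: Format says persistent, but the value differs.
SAMPLE_LOGINS = [_response(PERSISTENT, "_ab01"), _response(PERSISTENT, "_cd02")]

if __name__ == "__main__":
    print(check_stable_identifier(SAMPLE_LOGINS))
```

Run it against responses captured from the IdP (for example from a SAML tracer or the broker's debug log) rather than the samples; if `persistent_but_changing` is true, the IdP side is generating the NameID per session despite the advertised format.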