SAML Error Unable to uniquely identify the user using provided claims Federation Authentication with Azure AD (327057)

We continue to see the error described here

Our on-prem UPN and AzureAD UPN are different, so we are using the feature in AzureAD to provide the on-prem UPN in the claim

The ARS Config

The AzureAD config