KeyCloak does not support Identity Brokering with a SAML 2.0 identity provider which may or may not return attribute values with complex content (AnyType, with or without specifying the xsi:type of the Element inside the AttributeValue).
KeyCloak throws an exception when it receives such an AttributeValue in the Assertion of an Identity Provider, even if it won't do anything with that Attribute.
That's not very friendly.
It would be better to give a warning and just skip the AttributeValue so it doesn't block the whole process.
Even better would be to actually support complex values, as defined in the SAML 2.0 specs.