Keycloak SSO - how to map only existing Keycloak users to Nextcloud users without creating new

Hi, I would like to use Keycloak as SSO provider fo Nextcloud 18.

I followed the instructions:

I have installed Social Login app

I do not want to auto-create users in nextcloud after they login using SSO. I just want to allow existing Nextcloud users to login via SSO using OpenID connect protocol.
Users in Keycloak and Nextcloud have the same login name and email. I also want to solve permissions and user groups in Nextcloud, not map it from Keycloak.

In social login app I have checked “Disable auto create new users”.

After I try to login using keycloak, I got following error: “Auto creating new users is disabled” and login fails. But user with the same login name exists in Nextcloud and Keycloak.

I need to keep the possibility of logging in with the local Nexcloud account without using SSO.

What I do bad?
Is it necessary to set Mappers in Keycloak client? But how? I tried everything possible, but still without success.
I think I need to set up login and email mapping.

Thanks for help.