Keycloak move from 23.0 to 24.0: Account is not fully set up [invalid_grant]


For a test environment, I'm running image: quay.io/keycloak/keycloak:${KEYCLOAK_VERSION} in docker compose and have an init script similar to the following (the container is reinitialized every time - this is not an upgrade question in that sense):

#!/bin/sh
set -xe

export KEYCLOAK_HOME=/opt/keycloak
PATH="$PATH:$KEYCLOAK_HOME/bin"
cd "$KEYCLOAK_HOME"/bin

REALM=testing
DEFAULT_PASSWORD=admin_password
HOST=keycloak
PORT=8080

./kcadm.sh config credentials \
  --server http://$HOST:$PORT \
  --realm master \
  --user admin \
  --password admin

./kcadm.sh create realms -s "realm=$REALM" -s "enabled=true"

ADMIN_UID=$(./kcadm.sh create users -r $REALM -s "username=admin" -i)
./kcadm.sh add-roles -r $REALM --uusername admin --cclientid realm-management --rolename realm-admin
./kcadm.sh update users/"$ADMIN_UID" -r $REALM -s "enabled=true"
./kcadm.sh update users/"$ADMIN_UID"/reset-password -r $REALM -s type=password -s value=$DEFAULT_PASSWORD -n

############################################
# Reconfigure to use the created realm admin
############################################

./kcadm.sh config credentials \
  --server http://$HOST:$PORT \
  --realm $REALM \
  --user admin \
  --password $DEFAULT_PASSWORD

# setup roles
# setup users
# setup clients

With KEYCLOAK_VERSION=23.0 this is working as expected, but for KEYCLOAK_VERSION=24.0 I get:

...
keycloak-setup-1  | + ./kcadm.sh config credentials --server http://keycloak:8080 --realm testing --user admin --password admin_password
keycloak-setup-1  | Logging into http://keycloak:8080 as user admin of realm testing
keycloak-1        | 2024-05-24 11:48:34,509 WARN  [org.keycloak.events] (executor-thread-1) type="LOGIN_ERROR", realmId="29bee3da-666d-4db5-a16e-558db391412b", clientId="admin-cli", userId="null", ipAddress="10.89.0.173", error="resolve_required_actions", auth_method="openid-connect", grant_type="password", client_auth_method="client-secret", username="admin"
keycloak-setup-1  | Account is not fully set up [invalid_grant]
keycloak-setup-1 exited with code 1
service "keycloak-setup" didn't complete successfully: exit 1

Can someone point me to the actions that are required for keycloak 24, to be able to create and use a user using kcadm.sh? I checked the Release notes for breaking changes, pointing to User Profiles in the upgrade guide. However, I have not been able to locate information relevant for my issue.

When logging in to keycloak, the new user does not have any required actions.

Anyway, I also tried adding -s 'emailVerified=true' -s 'requiredActions=[]' to the first update users command above, without any change in the outcome. In case it has to do with the new user profile requirements, I also tried -s 'profileVerified=true', but that is not even an accepted attribute :-(


Solution

  • For me it worked by filling email, first name and last name
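
The answer's fix applied to the question's init script, as an added example (not part of the original post and not Keycloak's own code): the user is created with email, firstName and lastName already set, and creation is refused when any of them is empty. The function name `create_profiled_user`, the `KCADM` override and the sample values in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: create a realm user whose profile is complete
# (email, first name, last name) before it is used with the password grant.

# Path to kcadm.sh; the default follows KEYCLOAK_HOME=/opt/keycloak from the
# question's script. Overridable so the function can be exercised with a stub.
KCADM="${KCADM:-/opt/keycloak/bin/kcadm.sh}"

# create_profiled_user REALM USERNAME EMAIL FIRST_NAME LAST_NAME PASSWORD
# Prints the new user's id on stdout; returns non-zero on any failure.
create_profiled_user() {
  if [ "$#" -ne 6 ]; then
    echo "usage: create_profiled_user REALM USERNAME EMAIL FIRST LAST PASSWORD" >&2
    return 2
  fi
  cpu_realm=$1 cpu_user=$2 cpu_email=$3 cpu_first=$4 cpu_last=$5 cpu_pass=$6

  # Fail early instead of creating an account that cannot log in later.
  if [ -z "$cpu_email" ] || [ -z "$cpu_first" ] || [ -z "$cpu_last" ]; then
    echo "refusing to create '$cpu_user': email, firstName and lastName must all be set" >&2
    return 1
  fi

  # Same 'create users ... -i' call as the question, plus the profile fields.
  cpu_uid=$("$KCADM" create users -r "$cpu_realm" \
      -s "username=$cpu_user" -s "enabled=true" \
      -s "email=$cpu_email" \
      -s "firstName=$cpu_first" \
      -s "lastName=$cpu_last" -i) || return 1

  # Password is set the same way the question's script does it.
  "$KCADM" update "users/$cpu_uid/reset-password" -r "$cpu_realm" \
      -s type=password -s "value=$cpu_pass" -n || return 1

  printf '%s\n' "$cpu_uid"
}

# Usage inside the init script (sample values are constructed):
#   ADMIN_UID=$(create_profiled_user "$REALM" admin admin@example.test \
#       Test Admin "$DEFAULT_PASSWORD")
```

After this call, the question's `add-roles` step and the second `config credentials` login against the new realm can follow unchanged.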