Before reporting an issue

• I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

admin/fine-grained-permissions

Describe the bug

When trying to create a permission via the UI with the resource type "User" and selecting specific users for the enforcement (Enforce access to), the creation of the policy fails.
The error is "No scopes found.", but a scope is being given in the UI.
I have tried with multiple users (newly created), multiple policies and scopes.

Version

26.4.0

Regression

• The issue is a regression

Expected behavior

The policy is being created.

Actual behavior

The policy is not created.
The UI shows the error: Could not update the permission due to unknown_error
The server log shows a trace starting with: "ERROR [org.keycloak.services.error.KeycloakErrorHandler] Uncaught server error: org.keycloak.models.ModelException: No scopes found."

How to Reproduce?

Create a user- based permission, select "Specific Users", and select an existing user. Fill out the other required fields, and click Save.

Anything else?

I actually require this to create a finer-grained permission (disallow x to users y), which #39728 would provide.