Documentation for User Storage Spi is incorrect

Closes #19763

docs/documentation/server_development/topics/auth-spi.adoc

@@ -389,9 +389,6 @@ public class SecretQuestionCredentialProvider implements CredentialProvider<Secr
         this.session = session;
     }
 
-    private UserCredentialStore getCredentialStore() {
-        return session.userCredentialManager();
-    }
 ----
 
 We also want to implement the CredentialInputValidator interface, as this allows {project_name} to know that this provider can also be used to validate a
@@ -417,7 +414,7 @@ public SecretQuestionCredentialModel getCredentialFromModel(CredentialModel mode
 }
 ----
 
-Finally, we have the methods to create a credential and delete a credential. These methods call the KeycloakSession's `userCredentialManager`, which
+Finally, we have the methods to create a credential and delete a credential. These methods call the UserModel's credential manager, which
 is responsible for knowing where to read or write the credential, for example local storage or federated storage.
 
 [source,java]
@@ -427,12 +424,12 @@ public CredentialModel createCredential(RealmModel realm, UserModel user, Secret
     if (credentialModel.getCreatedDate() == null) {
         credentialModel.setCreatedDate(Time.currentTimeMillis());
     }
-    return getCredentialStore().createCredential(realm, user, credentialModel);
+    return user.credentialManager().createStoredCredential(credentialModel);
 }
 
 @Override
 public boolean deleteCredential(RealmModel realm, UserModel user, String credentialId) {
-    return getCredentialStore().removeStoredCredential(realm, user, credentialId);
+    return user.credentialManager().removeStoredCredentialById(credentialId);
 }
 ----
 

docs/documentation/server_development/topics/user-storage.adoc

@@ -3,7 +3,7 @@
 
 [WARNING]
 ====
-This functionality depends on APIs bundled in the `keycloak-model-legacy` module.
+This functionality depends on APIs bundled in the `keycloak-model-legacy` and `keycloak-model-legacy-private` modules.
 It will soon be replaced with the new map storage API which provides a uniform way to access both local and external information about users and other entities, and the old APIs will be removed eventually.
 ====
 

docs/documentation/server_development/topics/user-storage/cache.adoc

@@ -8,7 +8,7 @@ is propagated to the entire cluster so that the other nodes' user cache is also
 
 ==== Managing the user cache
 
-You can access the user cache by calling `KeycloakSession.userCache()`.
+You can access the user cache by calling `KeycloakSession.getProvider(UserCache.class)`.
 
 [source,java]
 ----

docs/documentation/server_development/topics/user-storage/import.adoc

@@ -30,9 +30,9 @@ begin first by modifying the `createAdapter()` method.
 [source,java]
 ----
     protected UserModel createAdapter(RealmModel realm, String username) {
-        UserModel local = session.userLocalStorage().getUserByUsername(username, realm);
+        UserModel local = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(realm, username);
         if (local == null) {
-            local = session.userLocalStorage().addUser(realm, username);
+            local = UserStoragePrivateUtil.userLocalStorage(session).addUser(realm, username);
             local.setFederationLink(model.getId());
         }
         return new UserModelDelegate(local) {
@@ -49,7 +49,7 @@ begin first by modifying the `createAdapter()` method.
     }
 ----
 
-In this method we call the `KeycloakSession.userLocalStorage()` method to obtain a reference to local {project_name}
+In this method we call the `UserStoragePrivateUtil.userLocalStorage(session)` method to obtain a reference to local {project_name}
 user storage. We see if the user is stored locally, if not, we add it locally. Do not set the `id` of the local user.
 Let {project_name} automatically generate the `id`.  Also note that we call
 `UserModel.setFederationLink()` and pass in the ID of the `ComponentModel` of our provider. This sets a link between