diff --git a/src/main/java/sh/libre/scim/core/Adapter.java b/src/main/java/sh/libre/scim/core/Adapter.java
index 2de3124155..913ef09d03 100644
--- a/src/main/java/sh/libre/scim/core/Adapter.java
+++ b/src/main/java/sh/libre/scim/core/Adapter.java
@@ -9,6 +9,7 @@ import javax.ws.rs.NotFoundException;
 import org.jboss.logging.Logger;
 import org.keycloak.connections.jpa.JpaConnectionProvider;
 import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
 import org.keycloak.models.RoleMapperModel;
 import sh.libre.scim.jpa.ScimResource;
@@ -16,6 +17,7 @@ public abstract class Adapter {
@@ -124,7 +120,7 @@ public class GroupAdapter extends Adapter {
 if (this.id == null) {
 return false;
 }
- var group = this.em.find(GroupEntity.class, this.id);
+ var group = session.groups().getGroupById(realm, id);
 if (group != null) {
 return true;
 }
@@ -133,38 +129,25 @@ public class GroupAdapter extends Adapter {
 @Override
 public Boolean tryToMap() {
- try {
- var groupEntity = this.em
- .createQuery("select g from GroupEntity g where g.name=:name",
- GroupEntity.class)
- .setParameter("name", displayName)
- .getSingleResult();
- setId(groupEntity.getId());
+ var group = session.groups().getGroupsStream(realm).filter(x -> x.getName() == displayName).findFirst();
+ if (group.isPresent()) {
+ setId(group.get().getId());
 return true;
- } catch (Exception e) {
 }
 return false;
 }
 @Override
 public void createEntity() {
- var kcGroup = new GroupEntity();
- kcGroup.setId(KeycloakModelUtils.generateId());
- kcGroup.setRealm(realmId);
- kcGroup.setName(displayName);
- kcGroup.setParentId(GroupEntity.TOP_PARENT_ID);
- this.em.persist(kcGroup);
- this.id = kcGroup.getId();
+ var group = session.groups().createGroup(realm, displayName);
+ this.id = group.getId();
 for (String mId : members) {
 try {
- var user = this.em.find(UserEntity.class, mId);
+ var user = session.users().getUserById(realm, mId);
 if (user == null) {
 throw new NoResultException();
 }
- var membership = new UserGroupMembershipEntity();
- membership.setUser(user);
- membership.setGroupId(kcGroup.getId());
- this.em.persist(membership);
+ user.joinGroup(group);
 } catch (Exception e) {
 LOGGER.warn(e);
 }
diff --git a/src/main/java/sh/libre/scim/core/UserAdapter.java b/src/main/java/sh/libre/scim/core/UserAdapter.java
index 00df936c04..b5d795edc8 100644
--- a/src/main/java/sh/libre/scim/core/UserAdapter.java
+++ b/src/main/java/sh/libre/scim/core/UserAdapter.java
@@ -15,8 +15,6 @@ import com.unboundid.scim2.common.types.UserResource;
 import org.jboss.logging.Logger;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.UserModel;
-import org.keycloak.models.jpa.entities.UserEntity;
-import org.keycloak.models.utils.KeycloakModelUtils;
 public class UserAdapter extends Adapter {
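Review bot: In GroupAdapter.tryToMap the new filter `x -> x.getName() == displayName` compares String references rather than contents, so a group whose name equals the SCIM displayName will normally not be matched and the method falls through to `return false`. Compare by value instead, `.filter(x -> displayName.equals(x.getName()))`, or `Objects.equals(x.getName(), displayName)` if displayName can be null. Once the comparison works, `findFirst()` will silently pick one group when several in the realm share a name, whereas the removed `getSingleResult()` threw and ended in `false`. If `getGroupsStream(realm)` also yields subgroups (not visible here), a same-named subgroup could be mapped, so logging and refusing the ambiguous case, as UserAdapter.tryToMap does, would be safer.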
@@ -160,14 +158,10 @@ public class UserAdapter extends Adapter {
 @Override
 public void createEntity() {
- var kcUser = new UserEntity();
- kcUser.setId(KeycloakModelUtils.generateId());
- kcUser.setRealmId(realmId);
- kcUser.setUsername(username);
- kcUser.setEmail(email, false);
- kcUser.setEnabled(active);
- this.em.persist(kcUser);
- this.id = kcUser.getId();
+ var user = session.users().addUser(realm, username);
+ user.setEmail(email);
+ user.setEnabled(active);
+ this.id = user.getId();
 }
 @Override
@@ -175,7 +169,7 @@ public class UserAdapter extends Adapter {
 if (this.id == null) {
 return false;
 }
- var user = this.em.find(UserEntity.class, this.id);
+ var user = session.users().getUserById(realm, id);
 if (user != null) {
 return true;
 }
@@ -184,17 +178,19 @@ public class UserAdapter extends Adapter {
 @Override
 public Boolean tryToMap() {
- try {
- var userEntity = this.em
- .createQuery("select u from UserEntity u where u.username=:username or u.email=:email",
- UserEntity.class)
- .setParameter("username", username)
- .setParameter("email", email)
- .getSingleResult();
-
- setId(userEntity.getId());
+ var sameUsernameUser = session.users().getUserByUsername(realm, username);
+ var sameEmailUser = session.users().getUserByEmail(realm, email);
+ if ((sameUsernameUser != null && sameEmailUser != null) && sameUsernameUser.getId() != sameEmailUser.getId()) {
+ LOGGER.warnf("found 2 possible users for remote user %s %s", username, email);
+ return false;
+ }
+ if (sameUsernameUser != null) {
+ this.id = sameUsernameUser.getId();
+ return true;
+ }
+ if (sameEmailUser != null) {
+ this.id = sameEmailUser.getId();
 return true;
- } catch (Exception e) {
 }
 return false;
 }
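Review bot: In UserAdapter.tryToMap the ambiguity check `sameUsernameUser.getId() != sameEmailUser.getId()` is a reference comparison on Strings, so when both lookups resolve to the same account but return distinct String instances the method logs "found 2 possible users" and refuses to map. Compare by value: `!sameUsernameUser.getId().equals(sameEmailUser.getId())`. Separately, the email-only fallback binds a remote identity to an existing local account on the strength of an address the SCIM peer supplies. A comment should state that the peer is trusted for email ownership. How `getUserByEmail` behaves for a null or empty `email` is not visible here, so a guard before that call looks advisable.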