Before reporting an issue

[X] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

admin/api

Describe the bug

I checked the implementation of the executeActionsEmail, especially https://github.com/keycloak/keycloak/blob/b20cfbbfa52c5636f9c3f46e525d8dff7aacb0c5/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java#L1120 and found out that the issuer for the generated ExecuteActionsActionToken is null, if no clientId is passed.

It should take the clientId from the client found by https://github.com/keycloak/keycloak/blob/b20cfbbfa52c5636f9c3f46e525d8dff7aacb0c5/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java#L1134 and passing it to the SendEmailParams return new SendEmailParams(redirectUri, client.getClientId(), lifespan);

Afterwards, the clientId is used in result.clientId to generate the token https://github.com/keycloak/keycloak/blob/b20cfbbfa52c5636f9c3f46e525d8dff7aacb0c5/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java#L905

This was introduced in https://github.com/keycloak/keycloak/commit/02d64d959c088815fbb3809106d8967dd7524a81

Version

26.0.6

Regression

[ ] The issue is a regression

Expected behavior

Token issuer is the clientId of the passed client or default client.

Actual behavior

Token issuer is null if no clientId is passed

How to Reproduce?

Call the api endpoint without passing a clientId and check the token.

Anything else?

No response