diff --git a/rest-endpoint/src/main/java/dasniko/keycloak/resource/admin/MyAdminRealmResource.java b/rest-endpoint/src/main/java/dasniko/keycloak/resource/admin/MyAdminRealmResource.java
index 3e3f437..3db8067 100644
--- a/rest-endpoint/src/main/java/dasniko/keycloak/resource/admin/MyAdminRealmResource.java
+++ b/rest-endpoint/src/main/java/dasniko/keycloak/resource/admin/MyAdminRealmResource.java
@@ -1,8 +1,12 @@
 package dasniko.keycloak.resource.admin;
+import jakarta.ws.rs.Consumes;
+import jakarta.ws.rs.DefaultValue;
 import jakarta.ws.rs.GET;
+import jakarta.ws.rs.PUT;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.QueryParam;
 import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.Response;
 import lombok.RequiredArgsConstructor;
@@ -42,4 +46,21 @@ public Response getListOfUsers() {
 return Response.ok(userList).build();
 }
+ @PUT
+ @Path("users/required-action")
+ @Consumes(MediaType.APPLICATION_JSON)
+ public Response buldAddRequiredAction(@QueryParam("action") String action, @QueryParam("search") @DefaultValue("*") String search) {
+ // do the authorization with the existing admin permissions
+ final UserPermissionEvaluator userPermissionEvaluator = auth.users();
+ userPermissionEvaluator.requireManage();
+
+ // search users and iterate over the result to add the required action
+ session.users()
+ .searchForUserStream(realm, Map.of(UserModel.SEARCH, search))
+ .filter(userModel -> userModel.getServiceAccountClientLink() == null)
+ .forEach(user -> user.addRequiredAction(action));
+
+ return Response.noContent().build();
+ }
+
 }
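Review bot: `action` in `buldAddRequiredAction` reaches `user.addRequiredAction(action)` unchecked, so a missing or misspelled `?action=` is applied to every matched user; reject it up front, e.g. `if (action == null || realm.getRequiredActionProviderByAlias(action) == null) throw new BadRequestException("unknown required action");`. Because `search` defaults to `*`, a PUT that omits the parameter modifies every non-service-account user in the realm, so I would make `search` mandatory or require an explicit opt-in for the realm-wide case. The bulk change is also not recorded as an admin event; if the class has an admin event builder in scope (not visible in this hunk), emit one here so the operation is auditable. Minor: the method name is presumably meant to be `bulkAddRequiredAction`.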