Perform an entitlement validation review in order to be compliant with the core one.
For instance, it seems that user edit/create (available) button click results in an exception returned by the core if the caller missing the right entitlements having USER_READ, USER_SEARCH and USER_LIST only.
Further, GROUP tab under Realms page seems to be available missing GROUP entitlements as well. Click on it results in an error.
Furthermore, security question page seems to be available missing entitlements as well.