Kafka authentication with scram 512 and KRAFT mode doesn't work

Kafka authentication with scram 512 and KRAFT mode doesn't work. My docker compose looks like this.

services:
  kafka-1:
    image: confluentinc/cp-kafka:7.7.1
    ports:
      - '9092:9092'
    environment:
      CLUSTER_ID: apCvyf6zusVSAvyqGAh7AZ
      KAFKA_NODE_ID: 1
      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: 'CONTROLLER:SASL_PLAINTEXT,CLIENT:SASL_PLAINTEXT,BROKER:SASL_PLAINTEXT'
      KAFKA_ADVERTISED_LISTENERS: 'CLIENT://kafka-1:29092,BROKER://localhost:9092'
      KAFKA_PROCESS_ROLES: 'broker,controller'
      KAFKA_CONTROLLER_QUORUM_VOTERS: '1@kafka-1:9093'
      KAFKA_LISTENERS: 'CLIENT://0.0.0.0:29092,CONTROLLER://0.0.0.0:9093,BROKER://0.0.0.0:9092'
      KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
      KAFKA_CONTROLLER_LISTENER_NAMES: CONTROLLER
      KAFKA_SASL_MECHANISM_CONTROLLER_PROTOCOL: SCRAM-SHA-512
      KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: SCRAM-SHA-512
      KAFKA_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512
      KAFKA_AUTHORIZER_CLASS_NAME: org.apache.kafka.metadata.authorizer.StandardAuthorizer
      KAFKA_SUPER_USERS: 'User:admin'
      KAFKA_OPTS: '-Djava.security.auth.login.config=/etc/kafka/kafka_jaas.conf'
    volumes:
      - ./config/kafka_jaas.conf:/etc/kafka/kafka_jaas.conf 
      
  kafka-ui:
    image: provectuslabs/kafka-ui:latest
    ports:
      - 1111:1111
    environment:
      SERVER_PORT: 1111
      KAFKA_CLUSTERS_0_NAME: local
      KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS: kafka-1:29092
      KAFKA_CLUSTERS_0_ZOOKEEPER: zookeeper:2181
      KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL: SASL_PLAINTEXT
      KAFKA_CLUSTERS_0_PROPERTIES_SASL_MECHANISM: SCRAM-SHA-512
      KAFKA_CLUSTERS_0_PROPERTIES_SASL_JAAS_CONFIG: 'org.apache.kafka.common.security.scram.ScramLoginModule required username="admin" password="admin_password";'                

And the jaas file

KafkaServer {
  org.apache.kafka.common.security.scram.ScramLoginModule required
  username="admin"
  password="admin_password"
  user_admin="admin_password"
  user_service="service_password";
};

This is the error I get

kafka-1_1   | [2024-10-28 13:42:04,650] ERROR [controller-1-to-controller-registration-channel-manager]: Request ControllerRegistrationRequestData(controllerId=1, incarnationId=NZkn4xOFS42Kg0RhscJHVw, zkMigrationReady=false, listeners=[Listener(name='CONTROLLER', host='0.0.0.0', port=9093, securityProtocol=2)], features=[Feature(name='metadata.version', minSupportedVersion=1, maxSupportedVersion=19)]) failed due to authentication error with controller (kafka.server.NodeToControllerRequestThread)
kafka-1_1   | org.apache.kafka.common.errors.SaslAuthenticationException: Authentication failed during authentication due to invalid credentials with SASL mechanism SCRAM-SHA-512
kafka-1_1   | [2024-10-28 13:42:04,650] ERROR [ControllerRegistrationManager id=1 incarnation=NZkn4xOFS42Kg0RhscJHVw] RegistrationResponseHandler: authentication error (kafka.server.ControllerRegistrationManager)
kafka-1_1   | org.apache.kafka.common.errors.SaslAuthenticationException: Authentication failed during authentication due to invalid credentials with SASL mechanism SCRAM-SHA-512

If i change SASL mechanism to PLAIN, everything works?