So yeah, as the title states Authentication API signup doesn’t require client_id actually despite the docs tell the opposite - Authentication API Explorer.
If you look at the associations, a client application is authorized to use one or more connections, and users are created associated with a connection. So yes, it is possible to create a user without an associated client application. This is actually useful in scenarios where you may want to bulk import users prior to moving applications into Auth0, as they would first need to be created in associated with the connection of the Auth0 datastore, before being assigned to specific client applications that would be created and registered after and given access to these connections containing the users. The benefit of including the clientId in the context of creating a specific user for an application, is that for example in a signup of a new user to your website, by including the clientId you are also ensuring that you have created the user in the correct connection which has the required access to the target client application.