Overview
This article clarifies whether a random password is to be generated if one is not provided for the user when doing an import.
Solution
A random password will not be generated for the user if one was not provided during the import using a password hash. This is by design.
"password_hash": {
"type": "string",
"description": "Hashed password for the user. Passwords should be hashed using bcrypt $2a$ or $2b$ and have 10 saltRounds."
},
When the user logs into the application, it will be forced to reset the password since there will be no password associated with the account.