User Password Not Randomly Generated During User Import via API Call


This article clarifies whether a random password is to be generated if one is not provided for the user when doing an import.


A random password will not be generated for the user if one was not provided during the import using a password hash. This is by design.

"password_hash": {
   "type": "string",
   "description": "Hashed password for the user. Passwords should be hashed using bcrypt $2a$ or $2b$ and have 10 saltRounds."

When the user logs into the application, it will be forced to reset the password since there will be no password associated with the account.