@trevorr said in Is it possible to create a user without a password?:
Would changing this be a reasonable feature request?
Sure, seems reasonable to me.
I'm not quite sure of the ramifications because the identity providers are assigned at the application level and users are a tenant scoped entity, but I suppose you could just say that any user marked with a 'nolocalpassword' attribute would not be able to ever log in locally. They'd always have to be authenticated by a third party system. I haven't thought through all the ramifications but think this would be a fine feature request. Please file away 🙂 : https://github.com/fusionauth/fusionauth-issues/issues
Note that the random password example in that other thread might fail sporadically because there's no guarantee that a base-64 string will contain a "special character".
Maybe I misunderstand you here, but that's a matter of the password rules and the random string generation, correct? You could set up random long strings and make sure they included non alphanumeric characters. Should be a library for that (here's one for java). Or you could relax your password rules to allow for only alphanumeric characters (this may or not make sense, depending on what kind of users you have logging into the tenant).
