When creating a new system user, the only way to get the new user's password is to manually log in to the panel and click the "Show password" button. The security concern is legitimate but this makes it difficult to automate.

It should be possible to either send a password to the endpoint when creating the user, or to have the endpoint send the password in the response when it's created. The latter is a common practice. For example, AWS sends the access key and secret when creating a new IAM user. Of course, the password cannot be retrieved at a later date.

This capability is necessary to fully automate the site creation and then automatically store the credentials in our secret/password manager so the rest of the team can use it.

If a user is created through the api and the password returned in the response, I would expect the password to NOT be available in the panel. It's basically analogous to clicking the "Show password" button in the panel, which is only possible once.