Expire users pwd on first login

Greetings!

I have a question: we need to assign a temporary custom Okta password for a subset of our users during the onboarding process. Unfortunately, we cannot use the Okta invitation email to set the password. In simple terms, we need to manually set the Okta password, and when the users log in, they will be required to change it.

I’m considering programmatically calling the expire_password endpoint after creating the account, but that doesn’t seem like the most practical solution. Is there any tool that Okta provides to facilitate this workflow?

Thank you!

Are you creating the users via API, or within the Admin Console? If via API, what about including the option nextLogin=changePassword when creating the users?

Otherwise, using the /expire_password endpoint would make the most sense to me.