Passwords for new users

Well, first keep in mind that users are able to change their passwords after login in the SSO, clicking on the little avatar thing in top-left then “Change password” (dunno if that part of the interface is obvious, it could probably help to be better documented)

I don’t know if there really are better alternative mechanism, except having a one-time password that needs to be changed after the first time you log in … But I would avoid sending it by email, otherwise you depend of having a proper email stack configured (meaning ports correctly forwarded and the full DNS things for email, and not being blacklisted for some reason).

For now personally I would just recommend you to implement the “one-time password” thing manually, by puting obviously not-strong passwords for your users and asking them to change it right away.