I think the answer is in the docs.
When FusionAuth is your user datastore, adding a user means you must either provide a password or send them a link to set up their initial password.
If you are only allowing passwordless authentication for your application, don’t allow the user to specify a password and instead generate a random series of characters for the password. We recommend generating at least 32 characters in the ascii character set that are completely random to ensure the user’s account is secure.