Buttonwood Exchange by default acts as a local identity provider (IDP) by maintaining user passwords and performing authentication. When users are enabled on the platform, an activation email/SMS is sent to the user to configure their password for the platform.
Administrators may choose to configure Exchange to redirect authentication to an external identity provider (eg. Azure Active Directory), providing a single sign-on experience.
When SSO is configured, users are still prompted to set an Exchange password when they are activated.
This is expected behaviour.
Users are still required to set a password for Exchange under all circumstances. If the external IDP configuration is disabled, the local IDP will be used.