diff --git a/lemur/auth/views.py b/lemur/auth/views.py
index c22762b2..ed6e2759 100644
--- a/lemur/auth/views.py
+++ b/lemur/auth/views.py
@@ -191,9 +191,7 @@ class Ping(Resource):
             roles.append(role)
 
         # if we get an sso user create them an account
-        # we still pick a random password in case sso is down
         if not user:
-
             # every user is an operator (tied to a default role)
             if current_app.config.get('LEMUR_DEFAULT_ROLE'):
                 v = role_service.get_by_name(current_app.config.get('LEMUR_DEFAULT_ROLE'))
diff --git a/lemur/users/schemas.py b/lemur/users/schemas.py
index 1551bcb4..926a4629 100644
--- a/lemur/users/schemas.py
+++ b/lemur/users/schemas.py
@@ -14,7 +14,7 @@ from lemur.schemas import AssociatedRoleSchema, AssociatedCertificateSchema, Ass
 class UserInputSchema(LemurInputSchema):
     username = fields.String(required=True)
     email = fields.Email(required=True)
-    password = fields.String(required=True)  # TODO add complexity requirements
+    password = fields.String()  # TODO add complexity requirements
     active = fields.Boolean()
     roles = fields.Nested(AssociatedRoleSchema, many=True, missing=[])
     certificates = fields.Nested(AssociatedCertificateSchema, many=True, missing=[])
diff --git a/lemur/users/service.py b/lemur/users/service.py
index 3d5d4a64..40b67843 100644
--- a/lemur/users/service.py
+++ b/lemur/users/service.py
@@ -29,8 +29,8 @@ def create(username, password, email, active, profile_picture, roles):
         email=email,
         active=active,
         profile_picture=profile_picture,
-        role=roles
     )
+    user.roles = roles
     return database.create(user)