I was looking into the code for external users and users in general. I saw a few test cases in which no auth source was assigned to a user and the user is created. Is this intended in any way?
I am not sure about the history about auth sources. I have tried to create a user and every time I do so an auth source is assigned to a user. To re-frame my question: is there a way for a user to login without an auth source assigned to it?