I'd like to have some business logic setup to be able to change the users password to something that I can generate for them.
Ideally the system will have a username and a phone number. When the user signs in I want to send them a text message that contains the password that I set for their account. This would allow me to have accounts that have a password that the user does not need to know and not need to collect their email addresses.
Ideally there would be an endpoint that could be hit with the master secret or an API exposed from business logic to set the salt+hash from a plaintext password.
At present due to security and implementation concerns this is a use case that we don't yet support. We'd love to support this going forward, but at this time we can't.
(On an unrelated aside, everyone at Kinvey sends along their regards and wishes you well).