diff --git a/src/dispatch/auth/models.py b/src/dispatch/auth/models.py
index 00a90cc596c0..8eabc65d2676 100644
--- a/src/dispatch/auth/models.py
+++ b/src/dispatch/auth/models.py
@@ -4,7 +4,6 @@
 import secrets
 from datetime import datetime, timedelta
 from uuid import uuid4
-from typing import Optional
 
 import bcrypt
 from jose import jwt
@@ -166,7 +165,7 @@ def email_required(cls, v):
 class UserLogin(UserBase):
     """Pydantic model for user login data."""
 
-    password: str
+    password: str | None = None
 
     @field_validator("password")
     @classmethod
@@ -180,7 +179,7 @@ def password_required(cls, v):
 class UserRegister(UserLogin):
     """Pydantic model for user registration data."""
 
-    password: str = None
+    password: str | None = None
 
     @field_validator("password", mode="before")
     @classmethod
@@ -209,10 +208,10 @@ class UserUpdate(DispatchBase):
     """Pydantic model for updating user data."""
 
     id: PrimaryKey
-    projects: Optional[list[UserProject]] = None
-    organizations: Optional[list[UserOrganization]]
-    experimental_features: Optional[bool] = None
-    role: Optional[str] = None
+    projects: list[UserProject] | None = None
+    organizations: list[UserOrganization] | None
+    experimental_features: bool | None = None
+    role: str | None = None
 
 
 class UserPasswordUpdate(DispatchBase):
diff --git a/src/dispatch/auth/service.py b/src/dispatch/auth/service.py
index 931f596b0713..eddcf0736692 100644
--- a/src/dispatch/auth/service.py
+++ b/src/dispatch/auth/service.py
@@ -148,11 +148,14 @@ def create_or_update_organization_role(
 def create(*, db_session, organization: str, user_in: (UserRegister | UserCreate)) -> DispatchUser:
     """Creates a new dispatch user."""
     # pydantic forces a string password, but we really want bytes
-    password = bytes(user_in.password, "utf-8")
-
+    # Handle the case where password may be None (e.g., SSO users)
+    if user_in.password is not None:
+        password = bytes(user_in.password, "utf-8")
+    else:
+        password = None
     # create the user
     user = DispatchUser(
-        **user_in.dict(exclude={"password", "organizations", "projects", "role"}), password=password
+        **user_in.model_dump(exclude={"password", "organizations", "projects", "role"}), password=password
     )
 
     org = organization_service.get_by_slug_or_raise(