1. Create an user approval request (through enduser by assigning groupForWorkflowApproval for example).
2. Login into console as an approver, claim and edit the request.
3. If you submit the form the password is added to the payload and a PasswordPatch is ever created with value the hased password taken from UserTO stored into the workflow.
This also affects the mustChangePassword flag, that, if true for the UserTO under approval, is set to false (because password ever changes).