Bitwarden [0] released a product called Bitwarden Send [1] a couple months ago. Basically, this product helps you to send sensitive information directly to anyone. The information is encrypted end-to-end. Beside that, you can specify expiry time, deletion date, and a password to open your information. It fits with your use case.
I've used Privnote[0] to easily and quickly send self-destructing text-only notes with sensitive information to users both technical and not. Their privacy policy[1] explains how the information is kept safe.
[0]: https://privnote.com [1]: https://privnote.com/info/privacy
This app is easy to use. https://1time.app/
I'm not sure about SOC2 compliance, but I'd be surprised if it's compliant for you to be generating user's passwords for them. Users should be the only person to know their password.
You could email out a password that only allows the user to change their password, nothing else. Their account won't be accessible until they choose and set their own password. If the initial password is intercepted it doesn't matter (probably, depends on your app) because the account won't have any user data in it yet.