diff --git a/apps/emqx_authn/src/emqx_authn_api.erl b/apps/emqx_authn/src/emqx_authn_api.erl
index 2503adf10..c4a12309e 100644
--- a/apps/emqx_authn/src/emqx_authn_api.erl
+++ b/apps/emqx_authn/src/emqx_authn_api.erl
@@ -1336,29 +1336,35 @@ move(post, Request) ->
 import_users(post, Request) ->
     AuthenticatorID = cowboy_req:binding(id, Request),
     {ok, Body, _} = cowboy_req:read_body(Request),
-    NBody = emqx_json:decode(Body, [return_maps]),
-    Config = hocon_schema:check_plain(emqx_authn_implied_schema, #{<<"filename">> => NBody},
-                                      #{nullable => true}, ["filename"]),
-    #{filename := #{filename := Filename}} = emqx_map_lib:unsafe_atom_key_map(Config),
-    case emqx_authn:import_users(?CHAIN, AuthenticatorID, Filename) of
-        ok ->
-            {204};
-        {error, Reason} ->
-            serialize_error(Reason)
+    case emqx_json:decode(Body, [return_maps]) of
+        #{<<"filename">> := Filename} ->
+            case emqx_authn:import_users(?CHAIN, AuthenticatorID, Filename) of
+                ok ->
+                    {204};
+                {error, Reason} ->
+                    serialize_error(Reason)
+            end;
+        _ ->
+            serialize_error({missing_parameter, filename})
     end.
 
 users(post, Request) ->
     AuthenticatorID = cowboy_req:binding(id, Request),
     {ok, Body, _} = cowboy_req:read_body(Request),
-    NBody = emqx_json:decode(Body, [return_maps]),
-    Config = hocon_schema:check_plain(emqx_authn_implied_schema, #{<<"user_info">> => NBody},
-                                      #{nullable => true}, ["user_info"]),
-    #{user_info := UserInfo} = emqx_map_lib:unsafe_atom_key_map(Config),
-    case emqx_authn:add_user(?CHAIN, AuthenticatorID, UserInfo) of
-        {ok, User} ->
-            {201, User};
-        {error, Reason} ->
-            serialize_error(Reason)
+    case emqx_json:decode(Body, [return_maps]) of
+        #{ <<"user_id">> := UserID
+         , <<"password">> := Password} ->
+            case emqx_authn:add_user(?CHAIN, AuthenticatorID, #{ user_id => UserID
+                                                               , password => Password}) of
+                {ok, User} ->
+                    {201, User};
+                {error, Reason} ->
+                    serialize_error(Reason)
+            end;
+        #{<<"user_id">> := _} ->
+            serialize_error({missing_parameter, password});
+        _ ->
+            serialize_error({missing_parameter, user_id})
     end;
 users(get, Request) ->
     AuthenticatorID = cowboy_req:binding(id, Request),
@@ -1373,15 +1379,16 @@ users2(patch, Request) ->
     AuthenticatorID = cowboy_req:binding(id, Request),
     UserID = cowboy_req:binding(user_id, Request),
     {ok, Body, _} = cowboy_req:read_body(Request),
-    NBody = emqx_json:decode(Body, [return_maps]),
-    Config = hocon_schema:check_plain(emqx_authn_implied_schema, #{<<"new_user_info">> => NBody},
-                                      #{nullable => true}, ["new_user_info"]),
-    #{new_user_info := NewUserInfo} = emqx_map_lib:unsafe_atom_key_map(Config),
-    case emqx_authn:update_user(?CHAIN, AuthenticatorID, UserID, NewUserInfo) of
-        {ok, User} ->
-            {200, User};
-        {error, Reason} ->
-            serialize_error(Reason)
+    case emqx_json:decode(Body, [return_maps]) of
+        #{<<"password">> := Password} ->
+            case emqx_authn:update_user(?CHAIN, AuthenticatorID, UserID, #{password => Password}) of
+                {ok, User} ->
+                    {200, User};
+                {error, Reason} ->
+                    serialize_error(Reason)
+            end;
+        _ ->
+            serialize_error({missing_parameter, password})
     end;
 users2(get, Request) ->
     AuthenticatorID = cowboy_req:binding(id, Request),
diff --git a/apps/emqx_authn/src/emqx_authn_implied_schema.erl b/apps/emqx_authn/src/emqx_authn_implied_schema.erl
deleted file mode 100644
index 65b4bf356..000000000
--- a/apps/emqx_authn/src/emqx_authn_implied_schema.erl
+++ /dev/null
@@ -1,51 +0,0 @@
-%%--------------------------------------------------------------------
-%% Copyright (c) 2021 EMQ Technologies Co., Ltd. All Rights Reserved.
-%%
-%% Licensed under the Apache License, Version 2.0 (the "License");
-%% you may not use this file except in compliance with the License.
-%% You may obtain a copy of the License at
-%%
-%%     http://www.apache.org/licenses/LICENSE-2.0
-%%
-%% Unless required by applicable law or agreed to in writing, software
-%% distributed under the License is distributed on an "AS IS" BASIS,
-%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-%% See the License for the specific language governing permissions and
-%% limitations under the License.
-%%--------------------------------------------------------------------
-
--module(emqx_authn_implied_schema).
-
--include("emqx_authn.hrl").
--include_lib("typerefl/include/types.hrl").
-
--behaviour(hocon_schema).
-
--export([ structs/0
-        , fields/1
-        ]).
-
-structs() -> [ "filename", "user_info", "new_user_info"].
-
-fields("filename") ->
-    [ {filename, fun filename/1} ];
-fields("user_info") ->
-    [ {user_id, fun user_id/1}
-    , {password, fun password/1}
-    ];
-fields("new_user_info") ->
-    [ {password, fun password/1}
-    ].
-
-filename(type) -> string();
-filename(nullable) -> false;
-filename(_) -> undefined.
-
-user_id(type) -> binary();
-user_id(nullable) -> false;
-user_id(_) -> undefined.
-
-password(type) -> binary();
-password(nullable) -> false;
-password(_) -> undefined.
-