This would be really helpful for some more advanced home assistant use cases, where HA is already being used inside of a virtual private network across linked IoT devices. Requiring authentication via LL Acceess tokens is adding additional complexity and development burden at scale.
The strict requirement for authentication should at least be allowed to be disabled for advanced users who know what they are doing.
If I submitted a PR with an option for this, would it be considered?
HA started without authentication, and to be blunt it was a shit show. So many people exposed HA to the internet and then complained they were “hacked”.
Then HA introduced optional auth, and people turned it off. Then they complained they’d been “hacked”.
I personally really hope HA never again makes it optional, but as Chris said you can probably use trusted networks (and the allow_bypass_login option) to achieve your goal.