This feature wouldn’t be for every user, but I think that’s fine.
Why The H can’t we configure HA to use a external authentication system? I’d be thrilled for OIDC to be natively supported by HA, just as thrilled if HA would properly support for an addon or integration to provide a bridge to one (With HA offering the necessary APIs).
Putting a reverse proxy infront of HA is not a solution, as this breaks the App, not to mention that with this you need to login twice.