It would be nice if there was a "custom" authentication type, which allowed you to define a few fields for tokens/secrets for the integration, and then gave you a Jinja UI for modifying the existing request where you have access to those tokens and the request's body and current headers (and some sort of org identifier, for integrations that use org mapping). Ideally you could add/remove/modify headers and alter the body of the request as needed to authenticate.

This would allow integrations that use both one-off roll your own hmac-sha256 stuff, and bigger stuff like Amazon AWS and Wasabi which I currently handle using sub-workflows instead.