I just deny all AUTH in my signer. That waybindont have to find the setting in every client / believe they will honour it.