I see a similar feature request about supporting basic auth, but what I'm looking for is the ability to set additional headers in the synchronization, for me at least this allows me to add a service token for cloudflare zero-trust proxy to bypass it. This was the Authorization header for Joplin is still intact, but the Cloudflare security doesn't need to be disabled.
I also would like this feature. It makes it heaps easier for the Cloudflare tunnel and reauthentication. A few apps I am using have also implemented them... Here are a few links that may help the devs: