Could you elaborate on the cases? This would be helpful for all of us.

Support for webhooks is on the roadmap.

The idea is to keep the app as simple as possible - without management of users and authentication/authorization methods. This can be accomplished with an auth proxy standing before the app or a similar method.

HTTP Basic auth is considered secure when running over TLS.

Adding TLS cert expiraton warning is one of the things on the roadmap :)