Our extension has setups where users can choose which authentication method is used when connecting to a web service server.

Most retailers that run their business OnPrem (e.g. offline/intranet solutions) prefer Windows authentication.

When choosing web service authentication method in our extension, we check if the environment is running in SaaS, if so the user gets an error when trying to choose Windows authentication.

The underlying code for the windows authentication is part of the native AL types' API, but it can't be used if Scope is set to Cloud in app.json.

This means that we cannot make our extension Universal Code compliant as we get compiler error.

Can Microsoft change the scope of these methods, so if someone tries to use the windows authentication methods in SaaS it throws a runtime error, if the concern is e.g. online security?

This kind of warning is already used for notifying users about usage of features like InternalsVisibleTo: https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/developer/analyzers/appsourcecop-as0081

A warning/info for the functions would be preferable then a compilation error and not being able to use them OnPrem.

The functions in question are:

HttpClient.UseDefaultNetworkWindowsAuthentication

https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/developer/methods-auto/httpclient/httpclient-usedefaultnetworkwindowsauthentication-method

and

HttpClient.UseWindowsAuthentication

https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/developer/methods-auto/httpclient/httpclient-usewindowsauthentication-method