Add authenticaltion via HTTP header
Most instances run behind a reverse proxy. This proxy usually has the ability to authenticate users in almost any way. (LDAP, SSO, 2FA).
Then the proxy can send the username to Ombi in an HTTP header and doesn't care about the authentication process.
One project that has implemented this is calibre-web by janeczku. There you enable this feature with a checkbox and then define the header name where Ombi expects the username.