This sounds a little risky in general, you’ll end up with an API that handles multiple auth methods, and have your client base sprinkled across different auth types and tokens. So yes, your API Definitions may fragment, but worse, your client auth base will fragment. I’m not sure which I’d rather manage 
However I take your point. It’s something we’re looking into.