I think it can. I thought that the other providers also defaulted to WithInsecure, but if that's wrong, it might be worth reverting that and just suggesting the env var.