🇨🇦Canada gurpreet_chahal
Here's the patch.
🇨🇦Canada gurpreet_chahal
We had a similar requirement at our agency. I've added the following patch and it works to ignore /admin routes.
Although I don't believe it is ideal to exempt /admin paths from CSP checks, since one might be dealing with multiple modules and tons of inline scripts, it still acts as a shortcut/hack to suppress the CSP violations for admin.
diff --git a/config/install/seckit.settings.yml b/config/install/seckit.settings.yml
index 89278fb8d..9628b99a0 100644
--- a/config/install/seckit.settings.yml
+++ b/config/install/seckit.settings.yml
@@ -52,3 +52,4 @@ seckit_various:
referrer_policy: FALSE
referrer_policy_policy: 'no-referrer-when-downgrade'
disable_autocomplete: FALSE
+ csp_disable_for_authenticated_users: FALSE
diff --git a/config/schema/seckit.schema.yml b/config/schema/seckit.schema.yml
index a51f2163b..3e27e53f7 100644
--- a/config/schema/seckit.schema.yml
+++ b/config/schema/seckit.schema.yml
@@ -177,3 +177,7 @@ seckit.settings:
disable_autocomplete:
type: boolean
label: 'Disable autocomplete'
+ csp_disable_for_authenticated_users:
+ type: boolean
+ label: 'Disable CSP for Authenticated users'
+
diff --git a/src/EventSubscriber/SecKitEventSubscriber.php b/src/EventSubscriber/SecKitEventSubscriber.php
index 72ef923f5..8fe253bcc 100644
--- a/src/EventSubscriber/SecKitEventSubscriber.php
+++ b/src/EventSubscriber/SecKitEventSubscriber.php
@@ -214,6 +214,7 @@ public function seckitCsp() {
$csp_report_uri = $this->config->get('seckit_xss.csp.report-uri');
$csp_upgrade_req = $this->config->get('seckit_xss.csp.upgrade-req');
$add_nonce = $this->config->get('seckit_xss.csp.nonce');
+ $csp_disable_for_authenticated_users = $this->config->get('seckit_various.csp_disable_for_authenticated_users');
// $csp_policy_uri = $this->config->get('seckit_xss.csp.policy-uri');
// Prepare directives.
$directives = [];
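Review bot: The new key on line 35 is read from `seckit_various`, while every other value this method consumes (`report-uri`, `upgrade-req`, `nonce` on lines 32-34) comes from `seckit_xss.csp.*`, so the one CSP toggle that changes whether the policy is emitted at all ends up in a different config group from the policy itself. Storing it as `seckit_xss.csp.disable_for_authenticated_users` would keep the CSP options together in config, schema and the settings form; the matching schema and form hunks in this patch would move with it. `seckitCsp()` starts before this hunk and continues after it.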
@@ -280,6 +281,9 @@ public function seckitCsp() {
// }
// send HTTP response header if directives were prepared.
if ($directives) {
+ if ($csp_disable_for_authenticated_users && \Drupal::currentUser()->isAuthenticated()) {
+ return;
+ }
if ($csp_report_only) {
// Use report-only mode.
$this->response->headers->set('Content-Security-Policy-Report-Only', $directives);
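Review bot: The guard on line 43 exempts every authenticated account, not administrators or /admin routes, so once the box is ticked any registered user loses the CSP header on every page, and those logged-in sessions are exactly what a stored XSS payload would target. If the goal is the /admin paths described in the issue comment, key the bypass on the route rather than on login state, e.g. `if ($csp_disable_for_authenticated_users && \Drupal::service('router.admin_context')->isAdminRoute()) { return; }`, or at least on a privileged permission instead of `isAuthenticated()`. The early return also sits above the report-only branch, so operators lose even Report-Only telemetry for those users; letting the `Content-Security-Policy-Report-Only` header through (returning only in the enforcing branch) would keep violations visible while inline scripts are cleaned up. `\Drupal::currentUser()` is a static service lookup in a class that otherwise appears to use an injected `$this->config`; injecting `AccountProxyInterface` would keep the subscriber consistent and unit-testable. `seckitCsp()` starts and ends outside this hunk.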
diff --git a/src/Form/SecKitSettingsForm.php b/src/Form/SecKitSettingsForm.php
index cda4f02a7..9c3c84101 100644
--- a/src/Form/SecKitSettingsForm.php
+++ b/src/Form/SecKitSettingsForm.php
@@ -731,6 +731,14 @@ public function buildForm(array $form, FormStateInterface $form_state) {
'#description' => $this->t('Prevent the browser from populating login/registration form fields using its autocomplete functionality. This as populated fields may contain sensitive information, facilitating unauthorized access.'),
];
+ // Ignore for authenticated users
+ $form['seckit_various']['csp_disable_for_authenticated_users'] = [
+ '#type' => 'checkbox',
+ '#default_value' => $config->get('seckit_various.csp_disable_for_authenticated_users'),
+ '#title' => 'Disable CSP directives for logged-in users',
+ '#description' => $this->t("Disable for authenticated users"),
+ ];
+
return parent::buildForm($form, $form_state);
}
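Review bot: The `#title` on line 60 is a bare string while the `#description` next to it and the existing element above (line 54) go through `$this->t()`, so this label is the only untranslatable string in the form; change it to `'#title' => $this->t('Disable CSP directives for logged-in users'),`. The description "Disable for authenticated users" does not tell an administrator what they are giving up; a description stating that the policy header is dropped for every logged-in account on every page, not only on admin paths, would make the trade-off visible where the option is enabled. `buildForm()` starts before this hunk.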