I followed the docs (Setting up a load balancer with Cloud Run, and Setting up an external HTTPS load balancer) and successfully enabled IAP on a load balancer, which has Cloud Run as a backend.
It seems that for IAP to work, the frontend of the load balancer needs to be configured for HTTPS, which in turn requires owning a domain.
Is there a way to still have IAP on Cloud Run without specifically registering a domain?