The currently logged in user credentials in some cases will automatically be used if challenged for authentication. What platforms are you running on.
For Windows desktop, WinHttp under the covers, if no credentials are explicitly specified we use the default
auto logon security level medium
. This means for requests which are on the local intranet the currently logged in user credentials will be used. If you want the currently logged in user credentials to be used for requests across the internet then you will
either have to obtain the user credentials from somewhere and pass them in the http_client_config or set the underlying auto logon security level to low. This can be done by using the feature http_client_config::set_nativehandle_options(...) to access the
underlying WinHttp handle for each request. Then you can call
For Windows store/phone, IXMLHttpRequest2 underneath, does a similar thing for using the credentials of the current user. The documentation doesn't specify if it will use the current user credentials for all request including ones across the internet, but I'm
sure it does at least for local intranet. Another option might be if you would like to have the user be prompted to provide credentials this could be done by using the set_nativehandle_options and calling
with the option XHR_PROP_NO_CRED_PROMPT.
In short :), first try out your scenario and the credentials of the current user will automatically be used if an intranet request. To force the default user credentials for requests going across the internet you probably will need to do more work using set_nativehandle_options
or get the credentials and supply them to the http_client_config.