In another article you can read how how handle Basic Authentication using LWP::Simple. In normal circumstances when accessing a site that uses Basic Authentication to protect some pages, you'll see a "challenge". On the HTTP level it is a 401 Not Authorized response with a header containing WWW-Authenticate: Basic realm="insert realm" Browsers usually show a pop-up window asking for username/password. There are however sites that do not provide this challenge.

This article is originally from 2014. Since then Gittip was renamed to be Gratipay and in November 2017 it was shut down. Nevertheless the technique is still useful.

I am not even sure if it is according to the specification of Basic Authentication, to expect the credentials without sending the challenge but there are sites that work that way.

For example, recently I was trying to implement the Perl API client of Gittip. The API of Gittip is described in their GitHub repository. There is a request, not even documented yet to get the communities. Currently, if it is accessed without authentication it returns an empty list. If an authenticated user access it, it will return the list of all the communities and for each community a flag indicating if the current user is member of that community or not. This worked in the browser when I was logged in.

It worked using curl on the command line:

curl -u 123-456: https://www.gittip.com/for/communities.json