I would like to authenticate against an API that use Active Directory. It is possible with curl and
I’m hoping that the new Downloads.download can handle this since it’s based on libcurl. But I can’t see from the docs how to include authentication.
Has anyone succeeded with such an authentication?
(In the past I haven’t succeeded – like GSSAPI / Kerberos in Julia? and Ntlm authentication for HTTP requests)
Most services allow you to authenticate with a Authorization header. You can pass headers to Downloads.download like this:
Download.download(url, filename; headers = Dict("Authorization" => "XXXX"))
Yes, most services do 
The problem is that Active Directory expects things in a certain way and I haven’t found docs for it.
With curl this works:
curl --ntlm -u : --negotiate <url>
The -u : means that it should rely on my Windows user/Kerberos ticket.
Without --negotiate it fails. Running verbose (with -v) reveals that “Authorization: Negotiate <very long string>” when it works and “Authorization: NTLM <short string>” when it doesn’t work.
I don’t know how the strings are generated.
Is it possible to use a counterpart to --negotiate in Downloads.download? Or does anyone know how to construct the custom header?