diff --git a/src/poetry/packages/direct_origin.py b/src/poetry/packages/direct_origin.py
index 9451e381205..78bae1ee764 100644
--- a/src/poetry/packages/direct_origin.py
+++ b/src/poetry/packages/direct_origin.py
@@ -9,6 +9,7 @@
 
 from poetry.inspection.info import PackageInfo
 from poetry.inspection.info import PackageInfoError
+from poetry.utils.authenticator import get_default_authenticator
 from poetry.utils.helpers import download_file
 from poetry.utils.helpers import get_file_hash
 from poetry.vcs.git import Git
@@ -56,6 +57,7 @@ def _get_package_from_git(
 class DirectOrigin:
     def __init__(self, artifact_cache: ArtifactCache) -> None:
         self._artifact_cache = artifact_cache
+        self._authenticator = get_default_authenticator()
 
     @classmethod
     def get_package_from_file(cls, file_path: Path) -> Package:
@@ -74,10 +76,13 @@ def get_package_from_file(cls, file_path: Path) -> Package:
     def get_package_from_directory(cls, directory: Path) -> Package:
         return PackageInfo.from_directory(path=directory).to_package(root_dir=directory)
 
+    def _download_file(self, url: str, dest: Path) -> None:
+        download_file(url, dest, session=self._authenticator)
+
     def get_package_from_url(self, url: str) -> Package:
         link = Link(url)
         artifact = self._artifact_cache.get_cached_archive_for_link(
-            link, strict=True, download_func=download_file
+            link, strict=True, download_func=self._download_file
         )
 
         package = self.get_package_from_file(artifact)
diff --git a/src/poetry/utils/helpers.py b/src/poetry/utils/helpers.py
index fbc29e5b4dd..81e9a281aee 100644
--- a/src/poetry/utils/helpers.py
+++ b/src/poetry/utils/helpers.py
@@ -20,10 +20,9 @@
 from typing import Any
 from typing import overload
 
-import requests
-
 from requests.utils import atomic_open
 
+from poetry.utils.authenticator import get_default_authenticator
 from poetry.utils.constants import REQUESTS_TIMEOUT
 
 
@@ -171,10 +170,10 @@ def __init__(
     ):
         self._dest = dest
 
-        get = requests.get if not session else session.get
+        session = session or get_default_authenticator()
         headers = {"Accept-Encoding": "Identity"}
 
-        self._response = get(
+        self._response = session.get(
             url, stream=True, headers=headers, timeout=REQUESTS_TIMEOUT
         )
         self._response.raise_for_status()
diff --git a/tests/packages/test_direct_origin.py b/tests/packages/test_direct_origin.py
index dc2ec8d3384..f7263ea0a2a 100644
--- a/tests/packages/test_direct_origin.py
+++ b/tests/packages/test_direct_origin.py
@@ -44,7 +44,7 @@ def test_direct_origin_does_not_download_url_dependency_when_cached(
     direct_origin = DirectOrigin(artifact_cache)
     url = "https://files.pythonhosted.org/distributions/demo-0.1.0-py2.py3-none-any.whl"
     download_file = mocker.patch(
-        "poetry.packages.direct_origin.download_file",
+        "poetry.packages.direct_origin.DirectOrigin._download_file",
         side_effect=Exception("download_file should not be called"),
     )
 
diff --git a/tests/utils/test_helpers.py b/tests/utils/test_helpers.py
index 2399e298552..884db33b903 100644
--- a/tests/utils/test_helpers.py
+++ b/tests/utils/test_helpers.py
@@ -1,5 +1,8 @@
 from __future__ import annotations
 
+import base64
+import re
+
 from typing import TYPE_CHECKING
 from typing import Any
 
@@ -7,6 +10,7 @@
 
 from poetry.core.utils.helpers import parse_requires
 
+from poetry.utils.helpers import Downloader
 from poetry.utils.helpers import HTTPRangeRequestSupported
 from poetry.utils.helpers import download_file
 from poetry.utils.helpers import get_file_hash
@@ -19,6 +23,7 @@
     from httpretty import httpretty
     from httpretty.core import HTTPrettyRequest
 
+    from tests.conftest import Config
     from tests.types import FixtureDirGetter
 
 
@@ -188,3 +193,35 @@ def handle_request(
     else:
         download_file(url, dest, raise_accepts_ranges=raise_accepts_ranges)
         assert dest.is_file()
+
+
+def test_downloader_uses_authenticator_by_default(
+    config: Config,
+    http: type[httpretty],
+    tmp_working_directory: Path,
+) -> None:
+    import poetry.utils.authenticator
+
+    # force set default authenticator to None so that it is recreated using patched config
+    poetry.utils.authenticator._authenticator = None
+
+    config.merge(
+        {
+            "repositories": {"foo": {"url": "https://foo.bar/files/"}},
+            "http-basic": {"foo": {"username": "bar", "password": "baz"}},
+        }
+    )
+
+    http.register_uri(
+        http.GET,
+        re.compile("^https?://foo.bar/(.+?)$"),
+    )
+
+    Downloader(
+        "https://foo.bar/files/foo-0.1.0.tar.gz",
+        tmp_working_directory / "foo-0.1.0.tar.gz",
+    )
+
+    request = http.last_request()
+    basic_auth = base64.b64encode(b"bar:baz").decode()
+    assert request.headers["Authorization"] == f"Basic {basic_auth}"