Qiskit · diego-plan9 · Jun 21, 2019 · Jun 18, 2019 · Jun 19, 2019 · Jun 19, 2019
diff --git a/qiskit/providers/ibmq/api_v2/ibmqclient.py b/qiskit/providers/ibmq/api_v2/ibmqclient.py
@@ -25,27 +25,30 @@
 class IBMQClient:
     """Client for programmatic access to the IBM Q API."""
 
-    def __init__(self, api_token, auth_url, verify=True, proxies=None):
+    def __init__(self, api_token, auth_url, verify=True, proxies=None, auth=None):
         """IBMQClient constructor.
 
         Args:
             api_token (str): IBM Q api token.
             auth_url (str): URL for the authentication service.
             verify (bool): if False, ignores SSL certificates errors.
             proxies (dict): proxies used in the connection.
+            auth (AuthBase): authentication handler.
         """
         self.api_token = api_token
         self.auth_url = auth_url
 
-        self.client_auth = Auth(RetrySession(auth_url, verify=verify, proxies=proxies))
-        self.client_api, self.client_ws = self._init_service_clients(verify=verify, proxies=proxies)
+        self.client_auth = Auth(RetrySession(auth_url, verify=verify, proxies=proxies, auth=auth))
+        self.client_api, self.client_ws = self._init_service_clients(
+            verify=verify, proxies=proxies, auth=auth)
 
-    def _init_service_clients(self, verify, proxies):
+    def _init_service_clients(self, verify, proxies, auth):
         """Initialize the clients used for communicating with the API and ws.
 
         Args:
             verify (bool): if False, ignores SSL certificates errors.
             proxies (dict): proxies used in the connection.
+            auth (AuthBase): authentication handler.
 
         Returns:
             tuple(Api, WebsocketClient):
@@ -60,7 +63,7 @@ def _init_service_clients(self, verify, proxies):
 
         # Create the api server client, using the access token.
         client_api = Api(RetrySession(service_urls['http'], access_token,
-                                      verify=verify, proxies=proxies))
+                                      verify=verify, proxies=proxies, auth=auth))
 
         # Create the websocket server client, using the access token.
         client_ws = WebsocketClient(service_urls['ws'], access_token)

diff --git a/qiskit/providers/ibmq/api_v2/ibmqversionfinder.py b/qiskit/providers/ibmq/api_v2/ibmqversionfinder.py
@@ -21,16 +21,17 @@
 class IBMQVersionFinder:
     """Client for finding the API version being used."""
 
-    def __init__(self, url, verify=True, proxies=None):
+    def __init__(self, url, verify=True, proxies=None, auth=None):
         """IBMQVersionFinder constructor.
 
         Args:
             url (str): URL for the service.
             verify (bool): if False, ignores SSL certificates errors.
             proxies (dict): proxies used in the connection.
+            auth (AuthBase): authentication handler.
         """
         self.client_version_finder = VersionFinder(
-            RetrySession(url, verify=verify, proxies=proxies)
+            RetrySession(url, verify=verify, proxies=proxies, auth=auth)
         )
 
     def version(self):

diff --git a/qiskit/providers/ibmq/ibmqsingleprovider.py b/qiskit/providers/ibmq/ibmqsingleprovider.py
@@ -16,6 +16,7 @@
 
 import logging
 from collections import OrderedDict
+from requests_ntlm import HttpNtlmAuth
 
 from qiskit.providers import BaseProvider
 from qiskit.providers.models import (QasmBackendConfiguration,
@@ -73,30 +74,39 @@ def _authenticate(self, credentials):
             credentials (Credentials): Quantum Experience or IBMQ credentials.
 
         Returns:
-            IBMQConnector: instance of the IBMQConnector.
+            IBMQClient: instance of the IBMQClient if using the new API.
+            IBMQConnector: instance of the IBMQConnector if using the old API.
         Raises:
             ConnectionError: if the authentication resulted in error.
         """
-        # Use an IBMQVersionFinder for finding out the API version.
+        # handle proxy and auth configuration
         proxies = credentials.proxies.get('urls')
+
+        if 'username_ntlm' in credentials.proxies and 'password_ntlm' in credentials.proxies:
+            auth = HttpNtlmAuth(
+                credentials.proxies['username_ntlm'],
+                credentials.proxies['password_ntlm']
+            )
+        else:
+            auth = None
+
+        # Use an IBMQVersionFinder for finding out the API version.
         version_finder = IBMQVersionFinder(url=credentials.base_url,
                                            verify=credentials.verify,
-                                           proxies=proxies)
+                                           proxies=proxies, auth=auth)
         version_info = version_finder.version()
 
         # Check if the URL belongs to auth services of the new API.
         try:
             self.is_new_api = version_info['new_api']
 
             if version_info['new_api'] and 'api-auth' in version_info:
-                return IBMQClient(api_token=credentials.token,
-                                  auth_url=credentials.url,
-                                  verify=credentials.verify,
-                                  proxies=proxies)
+                return IBMQClient(api_token=credentials.token, auth_url=credentials.url,
+                                  verify=credentials.verify, proxies=proxies, auth=auth)
             else:
                 # Prepare the config_dict for IBMQConnector.
                 config_dict = {
-                    'url': credentials.url,
+                    'url': credentials.url
                 }
                 if credentials.proxies:
                     config_dict['proxies'] = credentials.proxies