If a user is authenticated via RUT authorization they should not be prompted for a password from Nexus under any circumstances, since they do not have one to provide.
This applies to at least the following:
- User Token Retrieval
- NuGet API Key Access
- Support Zip Download
All destructive operations should still require a confirmation dialog ( Yes or No - but not ask for credentials) - such as:
- resetting all user tokens
- resetting NuGet API key