diff --git a/osc/conf.py b/osc/conf.py
index 32e06d30..48176a37 100644
--- a/osc/conf.py
+++ b/osc/conf.py
@@ -818,7 +818,10 @@ def get_config(override_conffile=None,
                  'http_headers': http_headers}
         api_host_options[apiurl] = APIHostOptionsEntry(entry)
 
-        optional = ('realname', 'email', 'sslcertck', 'cafile', 'capath', 'sshkey', 'allow_http')
+        optional = (
+            'realname', 'email', 'sslcertck', 'cafile', 'capath', 'sshkey', 'allow_http',
+            credentials.AbstractCredentialsManager.config_entry,
+        )
         for key in optional:
             if cp.has_option(url, key):
                 if key in ('sslcertck', 'allow_http'):
diff --git a/osc/connection.py b/osc/connection.py
index 673bf03e..f81f3748 100644
--- a/osc/connection.py
+++ b/osc/connection.py
@@ -508,8 +508,13 @@ class SignatureAuthHandler(AuthHandlerBase):
     def __init__(self, user, sshkey, basic_auth_password=None):
         self.user = user
         self.sshkey = sshkey
-        # value of `basic_auth_password` is only used as a hint if we should skip signature auth
-        self.basic_auth_password = bool(basic_auth_password)
+
+        apiurl = conf.config["apiurl"]
+        if conf.config["api_host_options"][apiurl].get("credentials_mgr_class", None) == "osc.credentials.TransientCredentialsManager":
+            self.basic_auth_password = False
+        else:
+            # value of `basic_auth_password` is only used as a hint if we should skip signature auth
+            self.basic_auth_password = bool(basic_auth_password)
 
     def list_ssh_agent_keys(self):
         cmd = ['ssh-add', '-l']