Dashboard Servers can be configured to allow unauthenticated access via an opt-in configuration option requiring a username of a dashboard user and all unauthenticated requests then will be treated as if they were coming from the configured user.

Dashboard clients (i.e. also the IDE plugins) need special code in order to handle dashboards that are configured this ways properly (with two goals):

• if i don't need to send the password/token to the dashboard then don't do so (security)
• clients do not have to know the name of the underlying anonymous user, but still need to request anonymous authentication explicitly by supplying "anon_auth" as username.

Find more specification here: https://qtgroup.atlassian.net/wiki/spaces/QATOOLS/pages/279445705/QtCreator+AxivionPlugin+Cooperation+Notes#anonymous-authentication

Having a special username triggering anonymous authentication can be considered somewhat suboptimal, but that's the decision that has been made.

Clients/IDE-Plugins are free to help users configuring anonymous authenticaton or to even preconfigure "anon_auth" as username for new Dashboard configurations.

I guess it would be fine if it materialized into one of the 18.x releases.