User Profile

Hi,I'm using a single URLSession with a custom URLSessionDelegate to handle 401 challenges from our NTLM-authenticated web api. I would expect that after the first successful handshake I would stop getting them but unfortunately they keep coming for every new endpoint I hit. Is this the default behavior or is there any way to provide those credentials with every request to avoid the 401s? Whenever I create the credentials to pass back I'm specifying the persistence as .forSession so I'm a bit confused.I also noticed that browsing our web api via Safari results in the same behavior, a 401 for every call, however when browsing with Chrome only one initial 401 challege is issued.Any clarity or advise would be appreciated.