AFAIK, this is done by sending a NIP-42 ephemeral event. Regular HTTP auth DOES NOT WORK over nostr, because there is no server side to verify credentials. NIP-42 is how relays can dynamically authenticate client access.
https://github.com/nostr-protocol/nips/blob/master/42.md