diff --git a/.gitignore b/.gitignore
index 55b5d32..a4755ad 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,6 @@ env
 __pycache__
 .python-version
 .venv
+.vscode
+build
+dist
diff --git a/oras/auth/token.py b/oras/auth/token.py
index 355848d..6390e55 100644
--- a/oras/auth/token.py
+++ b/oras/auth/token.py
@@ -71,16 +71,18 @@ def authenticate_request(
 
         h = auth_utils.parse_auth_header(authHeaderRaw)
 
-        # First try to request an anonymous token
-        logger.debug("No Authorization, requesting anonymous token")
-        anon_token = self.request_anonymous_token(h)
-        if anon_token:
-            logger.debug("Successfully obtained anonymous token!")
-            self.token = anon_token
-            headers["Authorization"] = "Bearer %s" % self.token
-            return headers, True
-
-        # Next try for logged in token
+        # if no basic auth, try by request an anonymous token
+        if not hasattr(self, '_basic_auth'):
+            logger.debug("No Basic Auth found, requesting anonymous token")
+            anon_token = self.request_anonymous_token(h)
+            if anon_token:
+                logger.debug("Successfully obtained anonymous token!")
+                self.token = anon_token
+                headers["Authorization"] = "Bearer %s" % self.token
+                return headers, True
+
+        # try using auth token
+        logger.debug("requesting Auth Token")
         token = self.request_token(h)
         if token:
             self.token = token