diff --git a/rbtools/api/request.py b/rbtools/api/request.py
index fe928bf4607eb73f6354f1e73b8dda94c11cfe4f..923a136eb7bc2a8bbafb8e0f91db2319afc1617a 100644
--- a/rbtools/api/request.py
+++ b/rbtools/api/request.py
@@ -25,6 +25,9 @@ except ImportError:
     from cgi import parse_qsl
 
 
+RB_COOKIE_NAME = 'rbsessionid'
+
+
 class HttpRequest(object):
     """High-level HTTP-request object."""
     def __init__(self, url, method='GET', query_args={}):
@@ -131,7 +134,7 @@ class PresetHTTPAuthHandler(urllib2.BaseHandler):
         self.used = False
 
     def http_request(self, request):
-        if not self.used:
+        if not self.used and self.password_mgr.rb_user:
             # Note that we call password_mgr.find_user_password to get the
             # username and password we're working with.
             username, password = \
@@ -228,9 +231,8 @@ class ReviewBoardServer(object):
     Provides methods for executing HTTP requests on a Review Board
     server's Web API.
     """
-
     def __init__(self, url, cookie_file, username=None, password=None,
-                 agent=None):
+                 agent=None, session=None):
         self.url = url
         if self.url[-1] != '/':
             self.url += '/'
@@ -243,6 +245,35 @@ class ReviewBoardServer(object):
             except IOError:
                 pass
 
+        if session:
+            parsed_url = urlparse(url)
+            # Get the cookie domain from the url. If the domain
+            # does not contain a '.' (e.g. 'localhost'), we assume
+            # it is a local domain and suffix it (See RFC 2109).
+            domain = parsed_url.hostname
+            if domain.count('.') < 1:
+                domain = "%s.local" % domain
+
+            cookie = cookielib.Cookie(
+                version=0,
+                name=RB_COOKIE_NAME,
+                value=session,
+                port=None,
+                port_specified=False,
+                domain=domain,
+                domain_specified=True,
+                domain_initial_dot=True,
+                path=parsed_url.path,
+                path_specified=True,
+                secure=False,
+                expires=None,
+                discard=False,
+                comment=None,
+                comment_url=None,
+                rest={'HttpOnly': None})
+            self.cookie_jar.set_cookie(cookie)
+            self.cookie_jar.save()
+
         # Set up the HTTP libraries to support all of the features we need.
         password_mgr = ReviewBoardHTTPPasswordMgr(self.url,
                                                   username,
diff --git a/rbtools/api/transport/sync.py b/rbtools/api/transport/sync.py
index 75832c5c11e42f07ca270ab8b638c7459de8623b..f5d4a305b90ec79a9bb6735b297a352c709b51fa 100644
--- a/rbtools/api/transport/sync.py
+++ b/rbtools/api/transport/sync.py
@@ -19,11 +19,18 @@ class SyncTransport(Transport):
     The optional agent parameter can be used to specify a custom
     User-Agent string for the API. If not provided, the default
     RBTools User-Agent will be used.
+
+    The optional session can be used to specify an 'rbsessionid'
+    to use when authenticating with reviewboard.
+
     """
-    def __init__(self, url, cookie_file, username, password, agent=None):
+    def __init__(self, url, cookie_file, username=None, password=None,
+                 agent=None, session=None):
         super(SyncTransport, self).__init__(url)
         self.server = ReviewBoardServer(self.url, cookie_file,
-                                        username=username, password=password)
+                                        username=username,
+                                        password=password,
+                                        session=session)
 
         self.get_root = SyncTransportMethod(self, self._root_request)