Hi Matt Fancher,
On the surface, GeoEvent is capable of passing credentials to authenticate against a certain endpoint. This can either be done through a GET request where the parameters for credentials/token are passed within the URL itself or through a POST where the headers for authentication are specified in one of the input connector's properties. I am unsure if there is a means to send one request, receive the response, and then send another through the connector.
Do you have a means of accessing the endpoint you need in one fell swoop, to where you can bypass the authentication or somehow include it in a single request?