Hi Matt,
What type of authentication is the WFS using? If it's token based, you should be able to specify a custom parameter which will then include a token in each request. For ex:
parameter: token
value: ABCDEFG
Note, the same token will be used for all requests. If you save the custom parameters in the web map, anyone viewing the web map will use the same token.
thanks,
Chris