I'm still having a problem with this issue and have not yet found a workaround. I have a management instance of Zope which is to be used to manage a collection of other Zope instances. I am trying to use Zope's Client.py mechanism (ZPublisher.Client) and am running into permissions problems with the cookiecrumbler authentication. I am using an External Method in the admin site: import ZPublisher.Client def createRemoteDiscussion( self, instanceURL, d_id, d_title ): f = ZPublisher.Client.Function( instanceURL, username='usermanager', password='usermanagerpassword') headers, body = f(d_id=d_id, d_title=d_title) return body When I use this to create an instance of, say, a ZClass remotely, I get vectored to the login page of the remote site, presumably because of permissions issues. How do I make this work? Or is there a better solution? For the record, I am currently running Zope 2.6.2b3, Python 2.1.3.