Certain Apache configurations strip Authorization headers and don't allow the Basic Auth credentials to be made available to PHP. To get around this, you'll need to set an environment variable in the site's root .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
This must be in the site root .htaccess (not the wp-content/uploads/satispress-xxxx/.htaccess), and it must come before the WordPress rewrites.
Some servers don't route URLs ending with a file extension through WordPress' front controller, so it's possible that some rewrite rules SatisPress registers won't work. This primarily affects the route that delivers the packages.json file for Composer since it ends in .json. You will typically see a 404 error document generated by the server rather than a 404 page with your theme's design when this happens.
Try visiting the Settings → Permalinks page and flushing the site's permalinks first if the URL for packages.json doesn't work. Rewrite Rules Inspector is a handy plugin for viewing or flushing rewrite rules.
If that still doesn't work, you may need to add a rewrite rule to your server:
An external rewrite rule should be automatically added to .htaccess to handle packages.json.
rewrite ^/satispress/packages.json$ /index.php last;