Definitely it can be done. I'm not sure about what's involved in setting that up administratively, but our installation requires authentication and access to hit various endpoints.
These pages describe authentication and authorization for the Splunk REST API:
http://docs.splunk.com/Documentation/Splunk/5.0.1/RESTAPI/RESTaccess
http://docs.splunk.com/Documentation/Splunk/5.0.1/RESTAPI/RESTusing#Authentication
Essentially, use auth/login to get the session key, and then pass the session key along in an HTTP header (Authorization request header) to get access to a given endpoint.
... View more