diff --git a/builder/kojid b/builder/kojid
index f7098594..4103300a 100755
--- a/builder/kojid
+++ b/builder/kojid
@@ -4764,6 +4764,10 @@ class BuildSRPMFromSCMTask(BaseBuildTask):
         rootopts = {'install_group': 'srpm-build',
                     'setup_dns': True,
                     'repo_id': repo_id}
+        if self.options.scm_credentials_dir is not None and os.path.isdir(self.options.scm_credentials_dir):
+            rootopts['bind_opts'] = {'dirs' : {self.options.scm_credentials_dir : '/credentials',}}
+            ## Force internal_dev_setup back to true because bind_opts is used to turn it off
+            rootopts['internal_dev_setup'] = True
         br_arch = self.find_arch('noarch', self.session.host.getHost(), self.session.getBuildConfig(build_tag['id'], event=event_id))
         broot = BuildRoot(self.session, self.options, build_tag['id'], br_arch, self.id, **rootopts)
         broot.workdir = self.workdir
@@ -6179,6 +6183,7 @@ def get_options():
                 'createrepo_update': True,
                 'pkgurl': None,
                 'allowed_scms': '',
+                'scm_credentials_dir': None,
                 'support_rpm_source_layout': True,
                 'yum_proxy': None,
                 'maven_repo_ignore': '*.md5 *.sha1 maven-metadata*.xml _maven.repositories '
diff --git a/builder/kojid.conf b/builder/kojid.conf
index b9f08514..4b56c96a 100644
--- a/builder/kojid.conf
+++ b/builder/kojid.conf
@@ -69,6 +69,20 @@ topurl=http://hub.example.com/kojifiles
 ; is run by default.
 allowed_scms=scm.example.com:/cvs/example git.example.org:/example svn.example.org:/users/*:no
 
+; A directory to bind mount into Source RPM creation so that some
+; credentials can be supplied when required to fetch sources, e.g.
+; when the place the sources are fetched from requires all accesses to
+; be authenticated in order to satisfy auditing requirements.
+;
+; The directory specified here will turn up in the SRPMfromSCM chroot
+; as /credentials. It is up to whatever implements "make_source_cmd"
+; to make appropriate use of any credentials supplied.
+;
+; Be aware that this means "make_source_cmd" has access to these
+; credentials and could steal them; any credentials supplied
+; should be easily disabled, and not used for other purposes.
+; scm_credentials_dir = /etc/kojid/scmcredentials
+
 ; The mail host to use for sending email notifications
 smtphost=example.com