I have to exclude one Url (as well as one prefix) from normal htaccess Fundamental Auth protection. Something similar to /callbacks/myBank or /callbacks/.* Have you got any hints how to get it done?

What I am not searching for is how you can exclude personal files. This needs to be url (because this is solution according to PHP framework, and all sorts of web addresses are rerouted with mod_rewrite to index.php). So there's no file under this url. Nothing.

A number of individuals web addresses are simply callbacks using their company services (No IP isn't known and so i cannot exclude according to IP) plus they cannot prompt for User / Password.

Current definition is actually:

AuthName "Please login."
AuthGroupFile /dev/null
AuthType Basic
AuthUserFile /xxx/.htpasswd
require valid-user 

Using SetEnvIf, you may create a flexible once the request begins with a few path, then make use of the Satisfy Any directive to prevent needing to login.

# set an environtment variable "noauth" if the request starts with "/callbacks/"
SetEnvIf Request_URI ^/callbacks/ noauth=1

# the auth block
AuthName "Please login."
AuthGroupFile /dev/null
AuthType Basic
AuthUserFile /xxx/.htpasswd

# Here is where we allow/deny
Order Deny,Allow
Satisfy any
Deny from all
Require valid-user
Allow from env=noauth

The allow/deny slice of directives states that deny access for Everybody, except when there's a valid-user (effective Fundamental auth login) or maybe the noauth variable is placed.