Windows credential - as Windows credentials - can only be used if WCF service can identify the client's current Windows credential (means can access the client's domain somehow). In that case client have not pass any credentials implicitly, but the configuration of the server is enough (
read here about it[
^]).
If you have a WCF service that knows nothing about client's domain you have explicitly pass domain/username/password of current credentials to it, and WCF will authenticate it on it's way...But! In that case you have no way but ask the (human) client to identify himself...
And there is a big problem! As anyone will advise you against to store those info anywhere at all. It may be a better think to add a single credential to your config file, that will be used by every client, that config file can be encrypted to hide values and can be changed if necessary...