...
The REST API implements a mechanism to encapsulate tokens in cookies in order to simplify the connection in the context of a Web application running in a browser (of , especially for the html img tags which do not allow to use header Authorization. Of course, this system can be used in any system that implements a cookie maintenance system, such as the Unirest library, Insomnia or Postman…).
The x-wedia-api-token cookie identifies the user connected to the session identified by the JSESSIONID cookie. Two other cookies are dedicated to the refresh or signin endpoints, respectively x-wedia-api-tk and x-wedia-api-so.
...