In this configuration example, we use HTTP cookies between the REST client and Airlock Gateway which works primarily for browser-based clients.
For non-browser-based REST clients, see Gateway configuration in article Using header tokens for session tracking.
A mixed setup with REST and browser-based clients usually requires a split setup with two VirtualHost configurations on the Airlock Gateway – one with cookie-based tracking and one with header tracking configuration.