REST API authentication fails on first request

I am writing a connector to a suppliers JIRA cloud installation, authenticating with a cloud username and application token.

The first request to a secure resource always fails with 401, if I retry it works. it seems that currently the first request is denied because there is no session attached, then authentication happens and the session gets started:

First request:
/rest/api/2/myself with header "Authorization: Basic ......"
First response:
HTTP 401 with "SetCookie: BCSI-CS..."

Second request:
/rest/api/2/myself with header "Authorization: Basic ......" and cookie "BCSI-CS...."
Second response:
HTTP 200 with expected content

This seems not to be a XSRF issue as modifying the xsrf tokens or setting "no-check" / "nocheck" does not change the outcome.

Recreation with cUrl

Fails every time due to not saving cookies:
curl --location --request GET '$jira_url/rest/api/2/myself' --header 'Authorization: Basic $jira_auth'
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><status><status-code>401</status-code><message>Client must be authenticated to access this resource.</message></status>

Fails once, then succeeds, cookies in file afterwards:
curl --location --request GET '$jira_url/rest/api/2/myself' --header 'Authorization: Basic $jira_auth' -c cookies -b cookies

Accessing public resources like issue/createmeta succeeds but does not create a session. Is there any login resource that I can add to my calls to get a session if needed without getting a 401?