login handles the auth, but we just need the Set-Cookie header from that call.
If the cookie isn‘t set, do a get_organizations call to set it and try the request. If we get an Unauthorized error, we assume the token expired, re-auth and try again
[Validate]