Sorry Jens, the login server is already on the same host as SG and it’s only used by the app to access the admin port of SG and retrieve the set-cookie.
The app is installed on a mobile device (native Android or iOS) using Ionic 2 and Cordova.
Cordova and the related web browser does not allow to set a “Cookie” header (refer also to older post Sync Gateway Cookie Auth with Cordova).
I am using PouchDB, but this is applicable also to other similar methods like the post above.
Since Ionic and similar hybrid platforms are becoming quite popular, I think CouchBase team should take a look into this problem, because the only alternative would be to use CouchBase Cordova plugin, which does not have the same advantages of PouchDb.