Hey @ksmith,
Sorry for the delay in replying.
The replication should not return a 401 Unauthorized after GET /:db/_local/:checkpoint.
Using the setCookie seems to have solved the issue.
@kanundrum is having the same issue I think.
Are you using a reverse proxy by any chance that could result in having an invalid path in the cookie returned?
James