Sorry for the delay, @rupaln and sorry for giving incomplete advice.
I was able to get the Kibana server to respond with a cookie header by POSTing to /api/security/v1/login
with a JSON request body of
{
"password": "<YOURPASSWORD>",
"username": "<YOURUSERNAME>"
}
and the appropriate kbn-version: 5.1.1
header.