Stuck with a simple Fortigate Ansible playbook, confusion over cookie formatting

Hi all, I am writing a playbook to interact with FortiGates and so far I have been able to log into the firewall using a username/password and get the cookies, using the Ansible task below:

- name: Log into FortiGate with username and password
  uri:
    url: https://{{ ansible_host }}:{{ ansible_httpapi_port }}/logincheck
    validate_certs: false
    method: POST
    body: "username={{ ansible_user }}&secretkey={{ ansible_password }}"
  register: api_response

The above works OK and an example response of the cookies field is as follows:

"cookies": {
        "APSCOOKIE_443_2ce51d45": "\"Era%3D1%26Payload%3DHNOqWx3EbHx7eszdEI3DDD5Wg3JfTv91yruqzI%2F8xvgTN6Vt0UxSiwWE+8mA7U5e%0A23MGKrurB46Y9upDfOLnHmLX0+B%2F4moLTIOP3ESl18b3P0uZt%2FHte9q1Ubmx4rSh%0Av4HgIiR9XV7PIlTCOt5EfA%3D%3D%0A%26AuthHash%3DJF27LpT6h1yJiBuPH3qa1ShbURA%3D%0A\"",
        "ccsrftoken_443_2ce51d45": "\"7B7CA5D5C8C7A215627CD695FCCD596A\""
    }

I am then parsing the cookies and formatting them as follows (but I dont think this is right):

"csrf_token": "7B7CA5D5C8C7A215627CD695FCCD596A",
"session_cookie_name": "APSCOOKIE_443_2ce51d45",
"session_cookie_value": "Era%3D1%26Payload%3DHNOqWx3EbHx7eszdEI3DDD5Wg3JfTv91yruqzI%2F8xvgTN6Vt0UxSiwWE+8mA7U5e%0A23MGKrurB46Y9upDfOLnHmLX0+B%2F4moLTIOP3ESl18b3P0uZt%2FHte9q1Ubmx4rSh%0Av4HgIiR9XV7PIlTCOt5EfA%3D%3D%0A%26AuthHash%3DJF27LpT6h1yJiBuPH3qa1ShbURA%3D%0A"

The issue I have is when running further API calls and using the cookies within the headers, whenever I do this I always get a 401 unauthorised error, so I think I am doing something wrong with how I am passing the cookies across via the playbook?

- name: Get FortiGate system status
  ansible.builtin.uri:
    url: "https://{{ ansible_host }}/api/v2/monitor/system/status"
    method: GET
    headers:
      Cookie: "{{ session_cookie_name }}={{ session_cookie_value }}"
      X-CSRFTOKEN: "{{ csrf_token }}"
    validate_certs: no
    return_content: yes
  register: fortigate_status

Here is the full error response:

fatal: [FORTIGATE-A]: FAILED! => {
    "changed": false,
    "connection": "close",
    "content": "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>401 Unauthorized</title>\n</head><body>\n<h1>Unauthorized</h1>\n<p>This server could not verify that you\nare authorized to access the document\nrequested.  Either you supplied the wrong\ncredentials (e.g., bad password), or your\nbrowser doesn't understand how to supply\nthe credentials required.</p>\n<p>Additionally, a 401 Unauthorized\nerror was encountered while trying to use an ErrorDocument to handle the request.</p>\n</body></html>\n",
    "content_length": "503",
    "content_security_policy": "frame-ancestors 'self'",
    "content_type": "text/html; charset=iso-8859-1",
    "date": "Thu, 27 Feb 2025 15:41:12 GMT",
    "elapsed": 0,
    "invocation": {
        "module_args": {
            "attributes": null,
            "body": null,
            "body_format": "raw",
            "ca_path": null,
            "ciphers": null,
            "client_cert": null,
            "client_key": null,
            "creates": null,
            "decompress": true,
            "dest": null,
            "follow_redirects": "safe",
            "force": false,
            "force_basic_auth": false,
            "group": null,
            "headers": {
                "Cookie": "APSCOOKIE_443_2ce51d45=Era%3D1%26Payload%3DHNOqWx3EbHx7eszdEI3DDD5Wg3JfTv91yruqzI%2F8xvgTN6Vt0UxSiwWE+8mA7U5e%0A23MGKrurB46Y9upDfOLnHmLX0+B%2F4moLTIOP3ESl18b3P0uZt%2FHte9q1Ubmx4rSh%0Av4HgIiR9XV7PIlTCOt5EfA%3D%3D%0A%26AuthHash%3DJF27LpT6h1yJiBuPH3qa1ShbURA%3D%0A",
                "X-CSRFTOKEN": "7B7CA5D5C8C7A215627CD695FCCD596A"
            },
            "http_agent": "ansible-httpget",
            "method": "GET",
            "mode": null,
            "owner": null,
            "remote_src": false,
            "removes": null,
            "return_content": true,
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": null,
            "status_code": [
                200
            ],
            "timeout": 30,
            "unix_socket": null,
            "unredirected_headers": [],
            "unsafe_writes": false,
            "url": "https://192.168.101.122/api/v2/monitor/system/status",
            "url_password": null,
            "url_username": null,
            "use_gssapi": false,
            "use_netrc": true,
            "use_proxy": true,
            "validate_certs": false
        }
    },
    "msg": "Status code was 401 and not [200]: HTTP Error 401: Unauthorized",
    "redirected": false,
    "set_cookie": "APSCOOKIE_443_2ce51d45=\"Era%3D1%26Payload%3DHNOqWx3EbHx7eszdEI3DDD5Wg3JfTv91yruqzI%2F8xvgTN6Vt0UxSiwWE+8mA7U5e%0A23MGKrurB46Y9upDfOLnHmLX0+B%2F4moLTIOP3ESl18b3P0uZt%2FHte9q1Ubmx4rSh%0AQjzZb6IMCuXURWMggtVKaQ%3D%3D%0A%26AuthHash%3DfYIs9MA63js7Tg3FUkYYN8uOIV0%3D%0A\"; path=/; HttpOnly; SameSite=Strict",
    "status": 401,
    "strict_transport_security": "max-age=0",
    "url": "https://192.168.101.122/api/v2/monitor/system/status",
    "x_frame_options": "SAMEORIGIN"
}

Can anyone help me understand how I should format the cookies in this scenario please? Or if you have done something similar before, are you able to share your playbook/tasks with me? I have written playbooks to interact with API's before but I am really struggling with FortiGates for some reason.

Thanks in advance <3