Hi, in oVirt 4.0 the RestApiSessionAcquired event will be replaced with API to create authenticated requests for Engine services. Using REST API persistent session mechanism where UI acquires a single session to be shared by all UI plugins led us to many problems in the past, typically observed by end users as "Auth Required" browser popups. The new API proposed by [1] creates XMLHttpRequest object with following properties: * sets "Authorization: Bearer xxx" header before sending * logs request and response details (enabled via API option) [1] https://gerrit.ovirt.org/#/c/49278/ Example: var xhr = api.createEngineHttpRequest(); xhr.open('GET', 'http://example.com/ovirt-engine/api', true); xhr.setRequestHeader('Accept', 'application/json'); xhr.send(null); Since REST API persistent session mechanism currently relies on cookie (JSESSIONID), individual UI plugins should not try to create a REST session on their own to avoid any clashes. Regards, Vojtech