Summary

According to https://docs.atlassian.com/jira/REST/cloud/ ...

Note, JIRA itself uses cookie-based authentication in the browser, so you can call REST from Javascript on the page and rely on the authentication that the browser has established. To reproduce the behavior of the JIRA log-in page (for example, to display authentication error messages to users) can POST to the /auth/1/session resource.

It is mentioned in documentation that Javascripts can be used to fire REST Calls to Cloud instances but in truth this is wrong because attempting to fire REST Calls from Javascripts will return errors regarding CORS.

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 401.

Will be best to keep this portion updated so that it doesn't confuse users.