#!/usr/bin/env perl
###Modules
use WWW::Mechanize;
use HTTP::Cookies;
use HTTP::CookieJar::LWP ();
use IO::Socket::SSL qw();
use Data::Dumper;
use JSON;

###Variables & Declarations
my $creds = "$ENV{'HOME'}/.credentials";
my $uri ="https://xxx.employer.xxx/app/login?service=https://xxx.employer.xxx/app/service";
my $cookie_jar = HTTP::Cookies->new(); 

my ($username,$password) = get_credentials($creds);

my $fields = {
    username    => $username,
    password => $password,
};
my $m = WWW::Mechanize->new( cookie_jar => $cookie_jar, autocheck => 0, ssl_opts => { SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE, verify_hostname => 0 }, env_proxy => 1, keep_alive => 1, timeout => 120, agent => 'Windows IE 6' );
$m->max_redirect(0);

############## Log in and get Ticket ##################

my $content = $m->post($uri);

$m->submit_form(
    form_number => 1,
    fields      => $fields,
    button      => 'submit'
);

my $location = $m->response()->header('Location');
my $ticket_id = (split /ticket=/, $location)[1];
############## /Log in and get Ticket ##################

############## Create Session and get authorization id ##################

$m->add_header('Content-Type' => 'text/plain');
$m->add_header('Accept' => ['text/plain', 'application/json']);
#$m->delete_header('Referer');

my $session_url = "https://xxx.employer.xxx:<port>/session";

my $contentp = $m->post($session_url, 'Content' => "$ticket_id");
my $resp = $contentp->decoded_content()."\n\n";
my $decoded_json = decode_json( $resp );
my $id = $decoded_json->{id};

############## /create session and get authorization id##################

############## do authorized stuff #########################
$m->add_header('Authorization' => $id);
$m->post("whatever");

from here on I'm doing stuff inside the session...