Sending a session back in via javascript

Hi Folks

I’m coding a button on the invoice screen to send the invoice details to another system. The architecture looks something like this:

Button -> JS Function -> Custom REST API -> Third Party API -> JS callback -> Message on Screen

I’ve made some progress, but I can’t seem to pass in the session_id from the JS to the RST API and have is validated successfully. The line in question from the example code is this:

if (!self::$helperObject->checkSessionAndModuleAccess($session, 'invalid_session', '', '', '',  $error))

That $session var is populated properly, and I have traced the issue down to this line in service/v4_1/SugarWebServiceUtilv4_1.php

if(!empty($_SESSION['is_valid_session']) && $this->is_valid_ip_address('ip_address') && $_SESSION['type'] == 'user')

While this line fails, I suspect the problem is in the code just above it:

if(!session_id()) {

Can anyone tell me if there is a better way to pass the session_id around? I don’t want to have to log in again using JS (for security reasons).