I understand your concern with the way Domoticz' API works and also that the effort from your end renders minimal return. I don't understand the negative effect on your AWS bill, as it doesn't require extra calls, only handling of the HTTP headers containing the cookies.
If you could suffice with setting and saving the SID cookie in the HTTP header without any negative effect, it could be a very minimal change. I tested a Domoticz API call with username+password and a corrupted and outdated SID. This unfortunately gives an Auth error and doesn't use the username+password as a backup. Therefore managing the validity (expiry date) is vital and adds to the complexity you described.
Thanks for your elaborate response. It was an easy fix for my own services; too bad this isn't as easy when scaled up.