Jira Server XSRF Security Token Missing


I am doing some REST API calls from java backend

        httpPut.addHeader("cookie", "JSESSIONID=" + sessionId);
        httpPut.setHeader("Content-Type", "application/json");
        httpPut.setHeader("Accept", "application/json");
        httpPut.setHeader("X-Atlassian-Token", "no-check");

The call works, but Jira is updating the token (checked it in the browser cookies) and because of this? the user will see the message:

And the action can be done after pressing ‘Retry Operation’.
How can this be avoided from a webhook (which is a plugin servlet) as I don’t have access to the user token but only to the sessionId via

 JiraUserSessionTracker jiraUserSessionTracker = JiraUserSessionTracker.getInstance();
        List<JiraUserSession> jiraUserSessionList = jiraUserSessionTracker.getSnapshot();
        String sessionId = "";
        for (int i = 0; i < jiraUserSessionList.size(); i++){
            JiraUserSession userSession = jiraUserSessionList.get(i);
            username = ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser().getUsername();
            if (userSession.getUserName() != null && userSession.getUserName().equals(username)){
                sessionId = userSession.getId().replaceAll("[0-9a-z]*-", "");
                cookie = "JSESSIONID=" + sessionId;

Thank you very much!