When user is accessing the API Gateway communication url, if user is contains special character in his first name or last name and this becomes part of the Cookie Header we see a 400 bad request.
Release : 10.1
In 9.4 an which utilized an earlier version of tomcat having a cookie with a i18n char did not cause issues.
Note: This could be user/password or even location.
Cookie: ConcurrentSession=Location=Québec, QC due to the é
Removing the e or making it a plain e resolves the 400 bad request error.
Guided by RFC 6265: https://www.ietf.org/rfc/rfc6265.txt
There is yet another upgrade from 10.1 base (tomcat) to 10.1 CR01 and this tomcat should have loosened the requirements around this.
The suggestion is to either upgrade to 10.1 CR01+ to see if the new version resolves your cookie issue.
Ensure the client is encoding the characters using special values are properly encoded by the client to follow the RFC.