Is it possible to authenticate to the Web API using a valid SNO (session id) of a logged in user?
There is no possibility to authenticate using a valid session ID, even if it corresponds to a currently active session of a logged in user.
The Web API does not use session ids, and the logon methods described in the documentation must be called to authenticate a user in order to be able to use the Web API.