diff --git a/apps/api/src/routes/auth.ts b/apps/api/src/routes/auth.ts
index 66ca71d..0a030eb 100644
--- a/apps/api/src/routes/auth.ts
+++ b/apps/api/src/routes/auth.ts
@@ -78,7 +78,7 @@ export function requireAuth(app: Elysia) {
 const COOKIE_OPTS = {
   httpOnly: true,
   secure: process.env.COOKIE_SECURE !== "false",
-  sameSite: "lax" as const,
+  sameSite: "none" as const,
   path: "/",
   domain: process.env.COOKIE_DOMAIN ?? ".pingql.com",
   maxAge: 60 * 60 * 24 * 30, // 30 days
diff --git a/apps/web/src/routes/auth.ts b/apps/web/src/routes/auth.ts
index b47e0a9..cc89f40 100644
--- a/apps/web/src/routes/auth.ts
+++ b/apps/web/src/routes/auth.ts
@@ -78,7 +78,7 @@ export function requireAuth(app: Elysia) {
 const COOKIE_OPTS = {
   httpOnly: true,
   secure: process.env.COOKIE_SECURE !== "false",
-  sameSite: "lax" as const,
+  sameSite: "none" as const,
   path: "/",
   domain: process.env.COOKIE_DOMAIN ?? ".pingql.com",
   maxAge: 60 * 60 * 24 * 30, // 30 days