diff --git a/api.planx.uk/modules/auth/controller.ts b/api.planx.uk/modules/auth/controller.ts
index c87c4e6ca7..8aa69b6d2f 100644
--- a/api.planx.uk/modules/auth/controller.ts
+++ b/api.planx.uk/modules/auth/controller.ts
@@ -40,7 +40,7 @@ function setJWTCookie(returnTo: string, res: Response, req: Request) {
 new Date().setFullYear(new Date().getFullYear() + 1),
 ).getTime(),
 // the JWT/auth cookies should be sent only between the API server and editor
- sameSite: "strict",
+ sameSite: "lax",
 secure: true,
 };
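Review bot: The comment directly above the changed `sameSite` line still says the JWT/auth cookies are sent only between the API server and editor, but with `"lax"` the browser also attaches them to top-level cross-site GET navigations, so the comment no longer describes the policy. I would replace it with something like `// "lax": the cookie has to survive a cross-site top-level redirect back to the editor; cross-site subrequests and POSTs still omit it`, assuming a redirect-based login flow is the reason for the change, which the diff does not state. Because `"strict"` was previously an implicit CSRF barrier, it is worth confirming that no cookie-authenticated GET route changes state before relying on `"lax"`. The body of `setJWTCookie` starts and continues outside the hunk, so which cookies receive these options is not visible here.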