diff --git a/api/user_auth.go b/api/user_auth.go
index 944325e..f5adf49 100644
--- a/api/user_auth.go
+++ b/api/user_auth.go
@@ -120,6 +120,7 @@ func completeAuth(opts *config.Options, email string, service string) Response {
 			Expires:  time.Now().Add(30 * 24 * time.Hour),
 			Secure:   opts.DevProxy == "",
 			HttpOnly: true,
+			SameSite: http.SameSiteStrictMode,
 		}},
 	}
 }