diff --git a/auth-handler.go b/auth-handler.go
index e0124ce..515cde7 100644
--- a/auth-handler.go
+++ b/auth-handler.go
@@ -92,7 +92,14 @@ func SSO3(w http.ResponseWriter, req *http.Request) bool {
 }
 // We give the user an authorization token from another domain
 // TODO no 3th redirect
- http.SetCookie(w, &http.Cookie{Name: "jauth_token", Value: parts[0], HttpOnly: true, SameSite: http.SameSiteStrictMode, Path: "/"})
+ http.SetCookie(w, &http.Cookie{
+ Name: "jauth_token",
+ Value: parts[0],
+ HttpOnly: true,
+ Secure: true,
+ SameSite: http.SameSiteLaxMode,
+ Path: "/",
+ })
 // Redirect to the user's original page
 http.Redirect(w, req, url, http.StatusFound)
 return true
@@ -373,7 +380,7 @@ func provideCookieWithNewToken(w http.ResponseWriter, req *http.Request, usernam
 Value: token,
 HttpOnly: true,
 Secure: true,
- SameSite: http.SameSiteStrictMode,
+ SameSite: http.SameSiteLaxMode,
 Path: "/",
 })
 // MaxAge: -1 mean deleting cookie
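Review bot: The switch of `jauth_token` from `http.SameSiteStrictMode` to `http.SameSiteLaxMode` in SSO3 carries no explanation in the code, and the same relaxation is made in provideCookieWithNewToken in the second hunk. With Lax the browser attaches the token to cross-site top-level GET navigations, so any handler that changes state on GET while authenticated by this cookie loses the CSRF protection that Strict gave it; that should be confirmed before merging. If the reason is that the cookie must be present on the navigation following the cross-domain SSO redirect (inferred from the surrounding comments, not shown here), record it above the literal, e.g. `// SameSite=Lax: the token must be sent on the navigation after the cross-site SSO redirect; handlers authenticated by it must not change state on GET.` SSO3's body starts and ends outside the hunk.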
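Review bot: The cookie literal in provideCookieWithNewToken repeats the attribute set that SSO3 builds in the first hunk, and the two have already drifted once: SSO3 had no `Secure: true` until this commit. Assuming both set the same cookie (the `Name` line is outside this hunk), a small unexported helper such as `func newAuthCookie(value string) *http.Cookie` that fixes `HttpOnly`, `Secure`, `SameSite` and `Path` in one place would keep the security attributes in step. The function continues outside the hunk on both sides.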