diff --git a/packages/core/src/config/default-config.ts b/packages/core/src/config/default-config.ts
index b2b633cf91..7c46caf86f 100644
--- a/packages/core/src/config/default-config.ts
+++ b/packages/core/src/config/default-config.ts
@@ -86,6 +86,7 @@ export const defaultConfig: RuntimeVendureConfig = {
         cookieOptions: {
             secret: Math.random().toString(36).substr(3),
             httpOnly: true,
+            sameSite: 'lax',
         },
         authTokenHeaderKey: DEFAULT_AUTH_TOKEN_HEADER_KEY,
         sessionDuration: '1y',