diff --git a/TES/tes/apiendpoints.py b/TES/tes/apiendpoints.py
index 16f401c9eeead4d146970aa43ba8c0fe7958a8ff..a3cd957cb015f194629a8eafed65fd1f472dae9b 100644
--- a/TES/tes/apiendpoints.py
+++ b/TES/tes/apiendpoints.py
@@ -475,7 +475,7 @@ class CreateTunnel(Resource):
                    localbind=localbind, authtok=authtok)
         response = make_response("")
         response.mime_type = 'application/json'
-        response.set_cookie('twsproxyauth', authtok, httponly=True,samesite='Strict')
+        response.set_cookie('twsproxyauth', authtok, httponly=True,samesite='Lax')
         logger.debug('JobConnect.connect: connecting via redirect with cookie authtok set to  {}'.format(authtok))
         return response
 
diff --git a/TWS/twsproxy/__init__.py b/TWS/twsproxy/__init__.py
index 23cf9d758038c991a7666e860bb3c791385e70aa..42e8dc3e1d6f03dd7d96a9b5324737928b02ca2d 100644
--- a/TWS/twsproxy/__init__.py
+++ b/TWS/twsproxy/__init__.py
@@ -94,7 +94,7 @@ class TWSProxy(threading.Thread):
         initshutdown.clear()
         (header, bytessofar) = self.inittws(initshutdown)
         if self.authtok is not None:
-            replyheader = b'Set-Cookie: twsproxyauth2='+self.authtok+b' ; HttpOnly; SameSite=Strict\r\n'
+            replyheader = b'Set-Cookie: twsproxyauth2='+self.authtok+b' ; HttpOnly; SameSite=Lax; Path=/ \r\n'
         else:
             replyheader = None
         insertafter = b'HTTP/1.1 200 OK\r\n'