SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

same-site

Hi,

We are having trouble with requesting our backend from different origin(s). Due to `sameSite: lax` the tokens are not passed to the request and therefore all requests to our supertokens backend are unauthorized.

```
  supertokens.init({
    ...frontendConfig().appInfo,
    cookieHandler: capacitorCookieHandler,
  })
```

The cookies are saved in localStorage. Do we need to create our own interceptor to add the cookies to the request headers?

The tokens should not be saved in localstorage.

Also, you can set sameSite to none on the backend and it should work

https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/sessions/same-site-cookie