diff --git a/g3w-admin/client/views.py b/g3w-admin/client/views.py
index 061ccaa55..443f8419b 100644
--- a/g3w-admin/client/views.py
+++ b/g3w-admin/client/views.py
@@ -216,7 +216,10 @@ def render_to_response(self, context, **response_kwargs):
         # Add G3W_CLIENT_COOKIE_SESSION_TOKEN cookie to response
         response = super().render_to_response(context)
-        response.set_cookie(settings.G3W_CLIENT_COOKIE_SESSION_TOKEN, secrets.token_hex(16))
+
+        # Only with https set samesite='None' for cross-site requests, i.e. for cross-site iframe
+        kwargs = {'samesite': 'None', 'secure': True} if self.request.is_secure() else {'samesite': 'Strict'}
+        response.set_cookie(settings.G3W_CLIENT_COOKIE_SESSION_TOKEN, secrets.token_hex(16), **kwargs)
         return response
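Review bot: The `secure`/`samesite` choice on the `kwargs = ...` line is keyed on `self.request.is_secure()`, which behind a TLS-terminating reverse proxy only reports HTTPS when `SECURE_PROXY_SSL_HEADER` is configured; otherwise such a deployment silently takes the `{'samesite': 'Strict'}` branch and the cross-site iframe case the comment describes stops working. A comment on that line, e.g. `# NOTE: is_secure() is False behind a TLS-terminating proxy unless SECURE_PROXY_SSL_HEADER is set`, would make that dependency explicit. The plain-http branch also changes the previous behaviour from the browser default (no SameSite attribute, treated as Lax) to Strict, which drops the cookie on top-level navigations arriving from other sites — presumably intended, but worth stating in the comment. Whether the cookie should additionally carry `httponly=True` depends on whether the client reads it from JavaScript, which the hunk does not show. The enclosing render_to_response starts outside the hunk.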