FARM Stack - SameSite="none"; Secure can't be set on logout API call


I have a backend based on the FARM stack by MongoDB (https://www.mongodb.com/developer/how-to/FARM-Stack-FastAPI-React-MongoDB/), with authentication (https://www.mongodb.com/developer/how-to/FARM-Stack-Authentication/).

FastAPI Doc Authentication works as it should in the FastAPI docs and Postman. When executing a successful user login, it automatically sets the JWT HttpOnly cookie in the browser. When logged in, it removes the cookie again on logout.

When calling /login from the front-end, the Network tab showed the following error:

[image: Error]

As the error states, I managed to fix this by setting the cookie options on the backend as follows, and I could afterwards successfully log in from a React front-end:

[image: FARM STACK BACKEND]

Unfortunately, this doesn't work for the /logout call. The error occurs again, as the SET-COOKIE header tries to set an empty cookie, yet it can't due to the cookie having SAMESITE="lax" as default, and I don't see a way to find out how to configure it for the /logout call in the backend.

[image: LOGOUT Network]

My front-end /logout call looks like this, the same as /login:

[image: FRONTEND CALL]

How do I configure my front-end/back-end, so my front-end can successfully delete my cookie and successfully log out?


1 answer

Answer by Tawfeeq Amro

If you see SameSite='Lax' as a warning in Chrome that means you don't send the header correctly.

The main issue is about sending a header called SameSite. Chrome is a little bit restrictive: when you send an invalid value, the Chrome browser defaults the value to 'Lax'. I had the same issue with FastAPI a couple of days ago, and my issue was sending None without the string 'None', like this:

```python
from fastapi import Response

# The Correct way: samesite must be the string 'None', so the header reads
# "SameSite=None"; browsers only honour SameSite=None together with Secure.
response.set_cookie(key="access_token", value=access_token, samesite='None', secure=True)

# Incorrect usage: Python's None drops the SameSite attribute entirely,
# so the browser falls back to its default of Lax.
response.set_cookie(key="access_token", value=access_token, samesite=None)
```

When I made this mistake, Chrome defaulted SameSite to the STRING 'Lax'. This is the issue in general: you need to use set_cookie and figure out what you're sending from the backend, and I recommend enabling that only in the development environment.
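The following is an added example, not code from the question, the answer, or the FARM stack tutorial. It builds Set-Cookie headers with the stdlib `http.cookies` module (the same module Starlette's `Response.set_cookie` uses) and models how Chrome treats them on a cross-site response: a missing or invalid SameSite value is treated as Lax, and a cookie from a cross-site response is only stored when it carries both `SameSite=None` and `Secure`. This is why the logout call, which clears the cookie with FastAPI's default `samesite="lax"`, fails while the login call with `SameSite=None; Secure` works. The cookie name, the placeholder token value and the helper names are all constructed for this example.

```python
from http.cookies import SimpleCookie

VALID_SAMESITE = {"strict", "lax", "none"}


def build_set_cookie(name, value, samesite=None, secure=False,
                     httponly=True, path="/", delete=False):
    """Build a Set-Cookie header value the way Starlette does (via SimpleCookie).

    delete=True mimics delete_cookie: an empty value with Max-Age=0.
    samesite=None (Python None) omits the attribute, which is the mistake the
    answer describes; pass the string "None" to emit SameSite=None.
    """
    cookie = SimpleCookie()
    cookie[name] = "" if delete else value
    morsel = cookie[name]
    morsel["path"] = path
    if delete:
        morsel["max-age"] = 0
    if httponly:
        morsel["httponly"] = True
    if secure:
        morsel["secure"] = True
    if samesite is not None:
        morsel["samesite"] = samesite
    return morsel.OutputString()


def parse_set_cookie(header):
    """Split a Set-Cookie value into (name, value, {attr: value-or-True})."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, sep, val = part.partition("=")
        attrs[key.lower()] = val if sep else True  # bare attributes are flags
    return name, value.strip('"'), attrs


def effective_samesite(attrs):
    """Chrome's reading of the attribute: missing or invalid -> Lax."""
    raw = attrs.get("samesite")
    if isinstance(raw, str) and raw.lower() in VALID_SAMESITE:
        return raw.lower()
    return "lax"


def accepted_on_cross_site_response(header):
    """Would a browser store this cookie when the response came from another site?

    Returns (accepted, reason). Only SameSite=None together with Secure passes.
    """
    _, _, attrs = parse_set_cookie(header)
    samesite = effective_samesite(attrs)
    if samesite != "none":
        return False, f"SameSite={samesite}: not stored from a cross-site response"
    if not attrs.get("secure"):
        return False, "SameSite=None requires the Secure attribute"
    return True, "ok"


def demo():
    """Login and two logout variants, as seen by a cross-origin React front-end."""
    token = "jwt-placeholder"  # constructed value, not a real token
    cases = {
        "login": build_set_cookie("access_token", token, samesite="None", secure=True),
        # Starlette's delete_cookie default attributes: SameSite=lax, no Secure.
        "logout_default": build_set_cookie("access_token", "", samesite="lax", delete=True),
        # Logout must repeat the attributes the login used.
        "logout_fixed": build_set_cookie("access_token", "", samesite="None",
                                         secure=True, delete=True),
    }
    return {label: (hdr, accepted_on_cross_site_response(hdr))
            for label, hdr in cases.items()}


if __name__ == "__main__":
    for label, (hdr, (ok, why)) in demo().items():
        print(f"{label:15} {'stored' if ok else 'REJECTED':8} {why}\n    Set-Cookie: {hdr}")
```

The practical rule the example encodes: whatever attributes `set_cookie` used on login (`samesite="None"`, `secure=True`, `httponly=True`, `path`), `delete_cookie` on logout must pass the same ones, otherwise the browser matches a different cookie or refuses the header outright.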