diff --git a/server/server.go b/server/server.go
index a846d23f47dbf..ac7bea160d0b3 100644
--- a/server/server.go
+++ b/server/server.go
@@ -486,7 +486,7 @@ func (a *ArgoCDServer) newGRPCServer() *grpc.Server {
 // TranslateGrpcCookieHeader conditionally sets a cookie on the response.
 func (a *ArgoCDServer) translateGrpcCookieHeader(ctx context.Context, w http.ResponseWriter, resp golang_proto.Message) error {
 if sessionResp, ok := resp.(*sessionpkg.SessionResponse); ok {
- flags := []string{"path=/"}
+ flags := []string{"path=/", "SameSite=lax", "httpOnly"}
 if !a.Insecure {
 flags = append(flags, "Secure")
 }
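Review bot: The new flag list on the `flags := ...` line mixes spellings (`path=/`, `SameSite=lax`, `httpOnly`, `Secure`); browsers match cookie attribute names case-insensitively, so it works, but the conventional forms `"SameSite=Lax", "HttpOnly"` are easier to grep for and audit. A one-line comment above it would record the intent, e.g. `// HttpOnly keeps the session token away from page scripts; SameSite=Lax withholds it from cross-site subrequests but still sends it on top-level navigations.` Because Lax still attaches the cookie to top-level GET navigations, it is worth confirming that no state-changing endpoint is reachable via GET, and that no client code reads the token from `document.cookie`, which HttpOnly now blocks. The rest of translateGrpcCookieHeader, where the flags are presumably joined into the Set-Cookie header, lies outside the hunk.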