Express/Heroku - Cookie set on server web app instead of client web app


Herokuapp.com is included in the Mozilla Foundation’s Public Suffix List so it will prevent you from setting cookies on herokuapp.com or *.herokuapp.com. You can check the list here.

I recommend hosting it on any other cloud provider which can help you to set cookies.

Also, you can check the Heroku Dev Center for why setting cookies is not allowed. It might help you understand that the issue is not with the code; it is with the hosting.


If you ever run into this issue, it's a mix of what Apoorva kindly helped with above and adding your server side to a subdomain of the client's domain.

When the client and server were set to "customdomain.com" and "api.customdomain.com" respectively, the cookie could then be set as:

```js
// res is the Express response object
res.cookie("Authorization", "Bearer " + token, {
  httpOnly: true,
  maxAge: 3600000,
  domain: "gigvilla.com",
  // below to be added when running on https
  // sameSite: "none",
  // secure: true,
});
```

The "domain" part made sure the cookie was set for the client side as well.
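
The browser-side rule both answers rely on, as an added example (not code from either answer): a simplified model of the RFC 6265 cookie storage checks, using a constructed two-entry excerpt of the Public Suffix List and the hypothetical host names my-api.herokuapp.com and my-client.herokuapp.com. It models only the Domain attribute and ignores Path, Secure and SameSite.

```javascript
// Constructed excerpt of the Public Suffix List; the real list has thousands
// of entries and wildcard rules that this exact-match lookup does not model.
const PUBLIC_SUFFIXES = new Set(["com", "herokuapp.com"]);

// RFC 6265 section 5.1.3 domain-match: host equals the domain or is a subdomain of it.
function domainMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Simplified storage checks from RFC 6265 section 5.3 (steps 5 and 6).
// Returns the scope the cookie is stored with, or null when the browser drops it.
function cookieScope(requestHost, domainAttr) {
  const host = requestHost.toLowerCase();
  // No Domain attribute: host-only cookie, returned to exactly this host.
  if (!domainAttr) return { domain: host, hostOnly: true };
  const domain = domainAttr.toLowerCase().replace(/^\./, "");
  // A Domain that is a public suffix would span unrelated tenants: rejected,
  // unless it is identical to the host (then stored as host-only).
  if (PUBLIC_SUFFIXES.has(domain)) {
    return domain === host ? { domain: host, hostOnly: true } : null;
  }
  // A server may only set cookies for itself or one of its parent domains.
  if (!domainMatches(host, domain)) return null;
  return { domain, hostOnly: false };
}

// Would a stored cookie be attached to a request for targetHost?
function sentTo(scope, targetHost) {
  if (scope === null) return false;
  return scope.hostOnly
    ? targetHost === scope.domain
    : domainMatches(targetHost, scope.domain);
}

// Hypothetical deployments: two Heroku apps versus one custom domain.
const cases = [
  ["my-api.herokuapp.com", "herokuapp.com"],           // dropped: public suffix
  ["my-api.herokuapp.com", "my-client.herokuapp.com"], // dropped: not a parent of the API host
  ["my-api.herokuapp.com", undefined],                 // stored, host-only on the API app
  ["api.customdomain.com", "customdomain.com"],        // stored for client and API hosts
];
for (const [host, attr] of cases) {
  console.log(host, "Domain=" + attr, "->", JSON.stringify(cookieScope(host, attr)));
}
```
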