I’m working on a React frontend with Axios for API requests, and an Express backend with CORS and cookie-parser. My goal is to manage authentication using refresh tokens and access tokens. On login, the refresh token is sent as an HTTP-only cookie, which works fine in Postman, but when sending the same request through Axios, I’m encountering an issue. After the access token expires, I’m sending a request to the /refresh-token endpoint. However, despite setting withCredentials: true in Axios and configuring CORS with origin: true and credentials: true in the backend, req.cookies is still null. The frontend and backend are running on the same host but different ports. Has anyone encountered this problem? Any tips or advice on how to fix this?
LLMs keep asking me to recheck things which are already correct.
I tried setting SameSite to Strict, None, and Lax too, but as I said, it works fine with Postman but not the React app.
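An added example, not part of the original post: a small Node checker for the conditions a browser applies to this login-then-refresh flow and that Postman does not (it applies neither CORS nor the browser's cookie rules). The function name, the option names and the sample URLs are hypothetical; real values come from the browser's Network tab.

```javascript
// Added example: inputs are constructed; copy real values from the Network tab.
// Ports do not scope cookies (RFC 6265), so localhost:3000 -> localhost:5000 is
// same-site, but it is still cross-origin, so the CORS credential rules apply.

// Parse a Set-Cookie value into attributes keyed by lowercase name.
function parseSetCookie(header) {
  const attrs = {};
  for (const part of header.split(';').slice(1)) {
    const [key, ...val] = part.trim().split('=');
    attrs[key.toLowerCase()] = val.length ? val.join('=') : true;
  }
  return attrs;
}

// RFC 6265 section 5.1.4: default-path and path-match.
function defaultPath(urlPath) {
  const i = urlPath.lastIndexOf('/');
  return i <= 0 ? '/' : urlPath.slice(0, i);
}
function pathMatches(cookiePath, requestPath) {
  if (cookiePath === requestPath) return true;
  return requestPath.startsWith(cookiePath) &&
    (cookiePath.endsWith('/') || requestPath[cookiePath.length] === '/');
}

// Returns the problems that break the cookie round trip or block the response.
function checkRefreshCookie(c) {
  const problems = [];
  const h = {};
  for (const [k, v] of Object.entries(c.loginHeaders)) h[k.toLowerCase()] = v;
  if (!c.loginWithCredentials)
    problems.push('login: sent without withCredentials, so Set-Cookie is ignored');
  if (!c.refreshWithCredentials)
    problems.push('refresh: sent without withCredentials, so no cookie is attached');
  if (h['access-control-allow-credentials'] !== 'true')
    problems.push('login: no Access-Control-Allow-Credentials: true, response blocked');
  if (h['access-control-allow-origin'] !== c.pageOrigin)
    problems.push('login: Access-Control-Allow-Origin is not the exact page origin');
  if (!h['set-cookie']) return problems.concat('login: no Set-Cookie header in response');
  const attrs = parseSetCookie(h['set-cookie']);
  if (String(attrs.samesite).toLowerCase() === 'none' && !attrs.secure)
    problems.push('cookie: SameSite=None without Secure is rejected by Chrome');
  const path = typeof attrs.path === 'string' && attrs.path.startsWith('/')
    ? attrs.path : defaultPath(new URL(c.loginUrl).pathname);
  if (!pathMatches(path, new URL(c.refreshUrl).pathname))
    problems.push(`cookie: Path=${path} does not cover the refresh URL`);
  return problems;
}
```

An empty result means none of these checks explains the missing cookie; in that case compare the stored cookie in the browser's Application/Storage panel with the `Cookie` header on the `/refresh-token` request.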