diff --git a/libs/server/auth/src/lib/core/cookies.ts b/libs/server/auth/src/lib/core/cookies.ts
index 76cb8daf..9f3e4773 100644
--- a/libs/server/auth/src/lib/core/cookies.ts
+++ b/libs/server/auth/src/lib/core/cookies.ts
@@ -6,6 +6,10 @@ const options: SetOption = {
   secure: true,
   sameSite: 'strict',
   path: '/authorize', // set to only the /authorize path so it is sent on both /refresh & /revoke
+  // ZTP_AFTER_CLONE You may want to delete the domain below so that it defaults to the host
+  // This is set so the the demo site works and the cookie is sent to both
+  // https://api.zero-to-production.dev && https://fns.zero-to-production.dev
+  domain: 'zero-to-production.dev',
 };
 
 export function setRefreshTokenCookie(cookies: Cookies, refreshToken?: string) {