I'm new to cookies and I'm having an issue setting an HttpOnly cookie from the server to the web client.
Here's my setup:
Server is on domain: https://api.app.domain.com (express app),
Web app is on domain: https://app.domain.com (react app with axios),
The request headers (from Chrome) are:
POST: https://api.app.domain.com/v1/auth/login
:authority: api.app.domain.com
:method: POST
:path: /v1/auth/login
:scheme: https
accept: application/json, text/plain, */*
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
content-length: 77
content-type: application/json
dnt: 1
origin: https://app.domain.com
referer: https://app.domain.com/
sec-ch-ua: "Chromium";v="112", "Google Chrome";v="112", "Not:A-Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36
Then the cookie from server to web:
Express app
res.cookie('token', 123, {
  domain: '.domain.com',
  httpOnly: true,
  sameSite: 'none',
  secure: true,
  maxAge: REFRESH_TOKEN_MAX_AGE // 1 day (Express takes maxAge in milliseconds)
});
The response headers are:
Status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://app.domain.com
content-length: 583
content-type: application/json; charset=utf-8
date: Tue, 02 May 2023 16:10:19 GMT
etag: W/"247-DMj6v5cQud6ZdNKa2dTsFn+r4ss"
server: nginx/1.14.0 (Ubuntu)
set-cookie: token=123; Max-Age=86400; Domain=.domain.com; Path=/; Expires=Tue, 02 May 2023 16:10:19 GMT; HttpOnly; Secure; SameSite=None
vary: Origin
x-powered-by: Express
Also, today is Tue, 01 May 2023, and third-party cookies are allowed in the browser.
The cookie is received by the browser, but the browser does not set it: I can see it in the Response tab in DevTools, but not in the Cookies tab.
Please help me understand the issue here.
I also tried with different browsers, but got the same result.
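As an added example (not code from the question or from Express), the following parses the Set-Cookie header shown above and runs the storage checks a browser applies under RFC 6265: Domain must cover the responding host, Secure needs an https response, SameSite=None needs Secure, and Max-Age takes precedence over Expires. The function names and the `ctx` shape are assumptions of this example; the header, hosts and date are copied from the question.

```javascript
// Added example, not the question's code: parse one Set-Cookie header and
// apply the storage rules a browser uses (RFC 6265) before keeping a cookie.

function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs: {} };
  for (const attr of attrs) {
    const i = attr.indexOf('=');
    const key = (i < 0 ? attr : attr.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i < 0 ? true : attr.slice(i + 1); // bare flags become true
  }
  return cookie;
}

// Returns the reasons the browser would reject or immediately expire the
// cookie; an empty array means the cookie should show up in the cookie jar.
function checkCookie(header, ctx) {
  const a = parseSetCookie(header).attrs;
  const problems = [];
  // Domain must cover the host that sent the response (leading dot ignored).
  const domain = (a.domain || ctx.requestHost).replace(/^\./, '');
  if (ctx.requestHost !== domain && !ctx.requestHost.endsWith('.' + domain))
    problems.push(`Domain=${a.domain} does not cover ${ctx.requestHost}`);
  // Secure cookies are only stored from https responses, and SameSite=None
  // is rejected unless Secure is also present.
  if (a.secure && ctx.requestScheme !== 'https') problems.push('Secure over http');
  if (String(a.samesite).toLowerCase() === 'none' && !a.secure)
    problems.push('SameSite=None without Secure');
  // Lifetime: Max-Age takes precedence over Expires; a non-positive Max-Age
  // or an Expires date in the past tells the browser to delete the cookie.
  if (a['max-age'] !== undefined) {
    if (!(Number(a['max-age']) > 0)) problems.push('Max-Age is not positive');
  } else if (a.expires && Date.parse(a.expires) <= ctx.now) {
    problems.push('Expires is in the past');
  }
  return problems;
}

// Context from the question: login POST to api.app.domain.com over https with
// the client clock at 01 May 2023. app.domain.com and api.app.domain.com share
// a registrable domain, so the request is same-site (see sec-fetch-site) and
// SameSite=Lax would also have been accepted here.
const QUESTION_HEADER = 'token=123; Max-Age=86400; Domain=.domain.com; Path=/; ' +
  'Expires=Tue, 02 May 2023 16:10:19 GMT; HttpOnly; Secure; SameSite=None';
const QUESTION_CTX = { requestHost: 'api.app.domain.com', requestScheme: 'https',
  now: Date.UTC(2023, 4, 1, 16, 10, 19) };

console.log(checkCookie(QUESTION_HEADER, QUESTION_CTX)); // []
```

Running the check against the question's header returns no problems, so the attributes themselves pass the RFC 6265 storage rules; the same function flags a constructed header with a non-matching Domain, `Max-Age=0`, or `SameSite=None` without `Secure`.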