diff --git a/app/api/base.py b/app/api/base.py
index 80f57b2a..da3076f6 100644
--- a/app/api/base.py
+++ b/app/api/base.py
@@ -5,7 +5,6 @@ import arrow
 from flask import Blueprint, request, jsonify, g
 from flask_login import current_user
-from app import constants
 from app.db import Session
 from app.models import ApiKey
@@ -19,9 +18,10 @@ def authorize_request() -> Optional[Tuple[str, int]]:
 api_key = ApiKey.get_by(code=api_code)
 if not api_key:
- if current_user.is_authenticated and request.headers.get(
- constants.HEADER_ALLOW_API_COOKIES
- ):
+ if current_user.is_authenticated:
+ # if current_user.is_authenticated and request.headers.get(
+ # constants.HEADER_ALLOW_API_COOKIES
+ # ):
 g.user = current_user
 else:
 return jsonify(error="Wrong api key"), 401
diff --git a/app/onboarding/views/index.py b/app/onboarding/views/index.py
index 36f86842..fdea3025 100644
--- a/app/onboarding/views/index.py
+++ b/app/onboarding/views/index.py
@@ -1,7 +1,13 @@
 from app.onboarding.base import onboarding_bp
-from flask import render_template
+from flask import render_template, url_for, redirect
 @onboarding_bp.route("/", methods=["GET"])
 def index():
- return render_template("onboarding/index.html")
+ # Do the redirect to ensure cookies are set because they are SameSite=lax/strict
+ return redirect(url_for("onboarding.setup"))
+
+
+@onboarding_bp.route("/setup", methods=["GET"])
+def setup():
+ return render_template("onboarding/setup.html")
diff --git a/templates/onboarding/index.html b/templates/onboarding/setup.html
similarity index 81%
rename from templates/onboarding/index.html
rename to templates/onboarding/setup.html
index 274da187..0e213881 100644
--- a/templates/onboarding/index.html
+++ b/templates/onboarding/setup.html
@@ -19,7 +19,10 @@
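Review bot: The new `if current_user.is_authenticated:` branch in authorize_request accepts a logged-in session cookie as API authentication with no other request-side signal required. The removed `request.headers.get(constants.HEADER_ALLOW_API_COOKIES)` test was the only condition in this hunk that a cross-site form post or navigation could not supply, so CSRF protection for cookie-authenticated API calls now rests on the cookies' SameSite setting alone, unless a control outside this hunk covers these routes. I would keep the header requirement, `if current_user.is_authenticated and request.headers.get(constants.HEADER_ALLOW_API_COOKIES):` (which also means keeping the `from app import constants` import dropped in the first hunk), and have the onboarding page send that header. If the relaxation is intentional, delete the commented-out condition and replace it with a comment naming the CSRF control that now applies. The function begins above the hunk, so how `api_code` is read is not visible here.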
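Review bot: The comment on the redirect in `index` does not say which entry path arrives without cookies, and a server-side redirect may not fix it: browsers can keep treating the redirected request as cross-site when the original navigation was, in which case SameSite=Strict cookies are still withheld on `/setup`, while Lax cookies are already sent on a top-level GET to `/`. It is worth verifying the behaviour in the target browsers before relying on it. I would expand the comment to something like `# Entry point is opened from <origin of the link>; bounce through a same-site URL so the session cookie is sent to /setup`, and give `setup` a one-line docstring stating whether it expects an authenticated session. Note also that `redirect(url_for("onboarding.setup"))` drops any query string sent to `/`.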