die php-Einstellungen

ini_set('session.cookie_samesite', 'None');
ini_set('session.cookie_secure', 'true');

waren hier zielführend.

https://community.shopify.com/c/shopify-apis-and-sdks/samesite-cookie-via-htaccess-file/td-p/644341

https://stackoverflow.com/questions/63539472/chrome-not-keeping-my-session-vars-when-coming-from-3rd-party-iframe-but-works