Unable to get/access CSRF Token in login api response headers #20265

Summary

We are using matter most APIs in our frontend application. For login, we are hitting our own server, which is again hitting the matter most server.
In general, when I check the matter most deployed applications, they are sending a few headers in the login API response, which are used to set for subsequent requests.
Screenshot 2022-05-23 at 7 29 15 PM
But when we hit the login API from our server, we are not getting the CSRF token in the response headers. It’s the same when I hit the API from the postman
Screenshot 2022-05-23 at 7 29 56 PM

Screenshot 2022-05-23 at 7 30 03 PM

Is there a way to get the CSRF cookie in the login API response header?

Steps to reproduce

As mentioned above

Expected behavior

We should be able to access the CSRF token in the login API response, even when we hit it from our server.

Observed behavior (that appears unintentional)

NA

Possible fixes

NA