A colleague just informed me that it is currently impossible to enable the "secure" flag for the 3rd party cookie.
This triggers a warning in browsers, because it is set to SameSite=None but not secure.