How can I prevent my cookies being blocked as Third Party Cookies?

I have an authentication workflow as follows:

  1. From the client I send encrypted user and password credentials in x-authorization header in a request to API entpoint example.net/login
  2. the response of this request sends back authorization cookies set with set-cookie in the header.
  3. The cookies are used in a subsequent request to example.net/user, where the endpoint validates the cookies.

Now, with current and upcoming policies regarding Third Party Cookies, the cookies set and forwarded via first response get blocked by modern browsers (it seems) and the endpoint example.net/user returns a 401 status code. It works when the user enables third party cookies in their browser.

Is there still any way of cookie based authorization possible, or any alternative authorization flow at all, without forcing the user to enable cookies in their browsers?

I tried setting the cookies manually in the client via javascript, since the first request also has the cookies as json in its response data. But nothing works so far.