(Payload V2) Multi-tenant Payload auth cookie not sent to NextJS frontend

I have a multi-tenant payload app along with a NextJS frontend.

When I perform a log-in on my NextJS frontend, no cookie is visible from my browser's cookies window. I log in as a guest account to access my frontend which is behind a password protection page. I know that the log-in is successful because the request is a 200 and I have access to my frontend. However, no cookie gets generated in my app.

The log in request is being made using NextJS server action

I have no csrf settings in my Payload instance, and CORS is set to accept all endpoints as my frontend is multi-tenant. My NextJS frontend is running on a different domain to my Payload backend

Is there something I need to do on the payload side to allow my cookie to become available for my user?

For reference, this is what my fetch request looks like

'use server'

const res = await fetch(
            `${process.env.NEXT_PUBLIC_SERVER_URL}/api/v1/users/login`,
  {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
    },
    body: JSON.stringify({
      password,
      email,
    }),
  }).then((res) => res.json())
    .catch((err) => createServerErrorResponse(undefined));

if (res.errors) {
  if (res.errors[0].message.includes('The email or password provided is incorrect')) {
      return createServerErrorResponse('Incorrect password');
  }
  return createServerErrorResponse(undefined);
} else {
  console.log('logging in');

  draftMode().enable();
  redirect(`/`);
}