diff --git a/src/auth/AuthManager.ts b/src/auth/AuthManager.ts
index c5bb188..a9dce8a 100644
--- a/src/auth/AuthManager.ts
+++ b/src/auth/AuthManager.ts
@@ -223,9 +223,17 @@ export class AuthManager {
 
   private async getNewLoginForm() {
     if (this.serverType === ServerType.Sasjs) {
-      // server will be sending CSRF cookie,
+      // server will be sending CSRF token in response,
+      // need to save in cookie so that,
       // http client will use it automatically
-      return this.requestClient.get('/', undefined)
+      return this.requestClient.get('/', undefined).then(({ result }) => {
+        const cookie =
+          /<script>document.cookie = '(XSRF-TOKEN=.*; Max-Age=86400; SameSite=Strict; Path=\/;)'<\/script>/.exec(
+            result as string
+          )?.[1]
+
+        if (cookie) document.cookie = cookie
+      })
     }
 
     const { result: formResponse } = await this.requestClient.get<string>(
diff --git a/src/request/RequestClient.ts b/src/request/RequestClient.ts
index 1a096a4..c1753ba 100644
--- a/src/request/RequestClient.ts
+++ b/src/request/RequestClient.ts
@@ -500,11 +500,19 @@ export class RequestClient implements HttpClient {
     }
 
     if (e instanceof InvalidCsrfError) {
-      // Fetching root will inject CSRF token in cookie
+      // Fetching root and creating CSRF cookie
       await this.httpClient
         .get('/', {
           withCredentials: true
         })
+        .then((response) => {
+          const cookie =
+            /<script>document.cookie = '(XSRF-TOKEN=.*; Max-Age=86400; SameSite=Strict; Path=\/;)'<\/script>/.exec(
+              response.data
+            )?.[1]
+
+          if (cookie) document.cookie = cookie
+        })
         .catch((err) => {
           throw prefixMessage(err, 'Error while re-fetching CSRF token.')
         })