How to Handle Signed HttpOnly Cookies from an External API in Next.js (Server-Side)?
Unanswered
Barbary Lion posted this in #help-forum
Barbary Lion (OP)
Hi everyone! I'm currently learning Next.js and programming in general, so sorry if this is a basic question.
I have an external API (built with Fastify) that handles authentication and returns HttpOnly, secure, signed cookies (accessToken, refreshToken) after login.
What I’m trying to do:
I want to:
Log in to the external API from a Next.js API route (server-side).
Store the cookies returned by the external API in the user’s browser, exactly as they come (without modifying or recreating them).
Reuse those cookies in future server-side requests to the external API (like /session/refresh-token).
Be able to delete those cookies later.
What works:
When I do the entire flow on the client side, for example /myapi/session/refresh-cookie or /myapi/login:
The external API sets the cookies → the browser stores them → they are sent back in future requests.
But when I try to do this server-side (inside a Next.js route handler):
The Set-Cookie header from the external API does not get stored in the browser.
I can read the cookies using cookies() and build a Cookie header, but when I send it to the external API, it doesn't receive them.
I don't want to manually recreate or override the cookies; they are signed and HttpOnly.
My questions:
Is it possible in Next.js (App Router) to store cookies from an external API response in the browser, purely via server-side logic?
Can I forward those original cookies in future server-side requests to my external API without manually recreating them?
If this is not possible, is it acceptable/safe to keep this flow entirely on the client side, even with HttpOnly and signed cookies?
👉 Can someone point me to the correct workflow for the following?
External API sets the signed cookies → front-end receives and stores them → future requests (client or server) send them back to the external API as-is.
Thanks a lot in advance for any help!
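Added example, not part of the original post: one way to relay the external API's `Set-Cookie` headers through a Next.js route handler unchanged and to forward the browser's `Cookie` header back as-is. The helper names, `API_URL` and the `/login` request shape are assumptions, and it needs a runtime whose `Headers` implements `getSetCookie()` (current Node.js releases do).

```javascript
// Added example: helper names and API_URL are hypothetical placeholders.

// Copy every Set-Cookie header from the external API response, unmodified, so
// the signed value and the HttpOnly/Secure attributes reach the browser intact.
// getSetCookie() returns one string per header; get('set-cookie') would join
// them with ", ", which is ambiguous because Expires dates contain commas.
function relaySetCookies(upstreamHeaders, outHeaders = new Headers()) {
  for (const line of upstreamHeaders.getSetCookie()) {
    outHeaders.append('set-cookie', line);
  }
  return outHeaders;
}

// A browser drops a relayed cookie whose Domain attribute does not cover the
// host that served the response (here the Next.js app, not the API).
// Returns the names of such cookies; appHost is a hostname without a port.
function cookiesBrowserWillReject(upstreamHeaders, appHost) {
  return upstreamHeaders.getSetCookie().filter((line) => {
    const m = /;\s*domain=\.?([^;\s]+)/i.exec(line);
    if (!m) return false; // host-only cookie: scoped to appHost, accepted
    const domain = m[1].toLowerCase();
    return !(appHost === domain || appHost.endsWith('.' + domain));
  }).map((line) => line.split('=')[0]);
}

// Forward the browser's Cookie header to the external API byte for byte.
function upstreamHeadersFrom(incomingHeaders) {
  const out = new Headers({ accept: 'application/json' });
  const cookie = incomingHeaders.get('cookie');
  if (cookie) out.set('cookie', cookie);
  return out;
}

// Shape of a route handler built on the helpers (export it as POST from
// app/api/login/route.js). fetchImpl is injectable for testing.
const API_URL = 'https://api.example.test';
async function loginHandler(request, fetchImpl = fetch) {
  const upstream = await fetchImpl(`${API_URL}/login`, {
    method: 'POST',
    headers: { 'content-type': 'application/json' },
    body: await request.text(),
  });
  const headers = relaySetCookies(upstream.headers);
  headers.set('content-type', 'application/json');
  return new Response(await upstream.text(), { status: upstream.status, headers });
}
```

Once relayed, the browser scopes the cookies to the Next.js origin, so later route handlers receive them and can pass them on with `upstreamHeadersFrom(request.headers)`. Cookies flagged by `cookiesBrowserWillReject` carry a `Domain` that only matches the API host and will not be stored when served from the app's host.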