diff --git a/src/metabase/middleware/session.clj b/src/metabase/middleware/session.clj
index 9ccb9fc5bde409e83bac86a33368400a76e84688..640f41499a6812a98a6864286c6a3563e0558ae8 100644
--- a/src/metabase/middleware/session.clj
+++ b/src/metabase/middleware/session.clj
@@ -83,7 +83,6 @@
        (merge
         {:same-site :lax
          :http-only true
-         :path      "/api"
          :max-age   (config/config-int :max-session-age)}
         ;; If the authentication request request was made over HTTPS (hopefully always except for local dev instances)
         ;; add `Secure` attribute so the cookie is only sent over HTTPS.