Browsers these day’s don’t accept or like 3rd party cookies. A third party cookie is a cookie set by a website that is not on the same domain as the main site you are accessing. The way to get around this correctly is to have a custom domain name that is shared by both the Mendix app and the underlying iFrame.
Safari has always blocked third party cookies, but it’s only recently that Chrome has updated it’s policies to match. So you should have your Mendix app share the same domain name as your iFrame e.g. both on example.com.
You would have this seem issue if you were developing in any other language or tool, it’s a browser restriction and not a Mendix specific issue.
I helped develop https://templates.mendix.com/ which leverages iframes to show previews of the apps. Each of the preview apps in the iFrame uses *.mendix.com to ensure that we can set cookies. If i had the underlying iframe apps as *.mendixcloud.com we would have an issue.