diff --git a/CHANGELOG.md b/CHANGELOG.md index 24db15d0dc..e90a153ae8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -68,6 +68,7 @@ The following sections list the changes for unreleased. * Enhancement - Bump keycloak: [#8687](https://github.com/owncloud/ocis/pull/8687) * Enhancement - Bump Reva: [#8701](https://github.com/owncloud/ocis/pull/8701) * Enhancement - Initiator-IDs: [#8701](https://github.com/owncloud/ocis/pull/8701) +* Enhancement - Make IDP cookies same site strict: [#8716](https://github.com/owncloud/ocis/pull/8716) ## Details @@ -317,6 +318,21 @@ The following sections list the changes for unreleased. https://github.com/owncloud/ocis/pull/8701 +* Enhancement - Make IDP cookies same site strict: [#8716](https://github.com/owncloud/ocis/pull/8716) + + To enhance the security of our application and prevent Cross-Site Request + Forgery (CSRF) attacks, we have updated the SameSite attribute of the build in + Identity Provider (IDP) cookies to Strict. + + This change restricts the browser from sending these cookies with any cross-site + requests, thereby limiting the exposure of the user's session to potential + threats. + + This update does not impact the existing functionality of the application but + provides an additional layer of security where needed. + + https://github.com/owncloud/ocis/pull/8716 + # Changelog for [5.0.0] (2024-03-18) The following sections list the changes for 5.0.0.
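Review bot: in the summary hunk (the new bullet under "Enhancement"), "same site strict" should be written as the attribute actually being set, `SameSite=Strict`, so the entry matches the wording in the details section below it and is searchable by the attribute name; consider "Make IDP cookies SameSite=Strict" for both the bullet and the details heading.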
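Review bot: the details hunk states that the change "does not impact the existing functionality of the application", but with `SameSite=Strict` the browser omits the cookie on every cross-site request, including top-level navigations into the IDP that start on another site (for example an OIDC authorization redirect from a client hosted on a different registrable domain, or a link into the IDP followed from a mail client or chat). Users in that situation will be asked to sign in again rather than having their IDP session recognised. The paragraph should state the assumption under which the claim holds (IDP and its relying parties served from the same site) and name the re-authentication behaviour otherwise; "limits the exposure" is also more accurate than "prevent" for CSRF, since the attribute mitigates rather than eliminates the attack. Two wording fixes in the same paragraph: "the build in Identity Provider" should read "the built-in Identity Provider", and "SameSite attribute ... to Strict" would be clearer as "the `SameSite` attribute of the built-in Identity Provider (IDP) cookies to `Strict`".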