Tell fetch to include the cookies from the browser using the credentials init parameter. You can find some examples here.
Another way is to set the cookies manually like I do in one of my add-ons to allow using cookies from non-default container/contextual identity. You can read about in an older topic.
If it’s your API you have under control, you may try to switch from cookie-base authentication to some other HTTP header, that can be used for auth using some credentials or tokens supplied by the user.
I hope these options will help you. If that’s viable for you, I would recommend the first or the last one.