diff --git a/fastapi_users/fastapi_users.py b/fastapi_users/fastapi_users.py
index 74edbb90..10a3fd69 100644
--- a/fastapi_users/fastapi_users.py
+++ b/fastapi_users/fastapi_users.py
@@ -1,5 +1,5 @@
 from collections.abc import Sequence
-from typing import Generic
+from typing import Generic, Literal
 from fastapi import APIRouter
@@ -19,7 +19,10 @@ try:
 from httpx_oauth.oauth2 import BaseOAuth2
 from fastapi_users.router import get_oauth_router
- from fastapi_users.router.oauth import get_oauth_associate_router
+ from fastapi_users.router.oauth import (
+ CSRF_TOKEN_COOKIE_NAME,
+ get_oauth_associate_router,
+ )
 except ModuleNotFoundError: # pragma: no cover
 BaseOAuth2 = type # type: ignore
@@ -99,6 +102,13 @@ class FastAPIUsers(Generic[models.UP, models.ID]):
 redirect_url: str | None = None,
 associate_by_email: bool = False,
 is_verified_by_default: bool = False,
+ *,
+ csrf_token_cookie_name: str = CSRF_TOKEN_COOKIE_NAME,
+ csrf_token_cookie_path: str = "/",
+ csrf_token_cookie_domain: str | None = None,
+ csrf_token_cookie_secure: bool = True,
+ csrf_token_cookie_httponly: bool = True,
+ csrf_token_cookie_samesite: Literal["lax", "strict", "none"] = "lax",
 ) -> APIRouter:
 """
 Return an OAuth router for a given OAuth client and authentication backend.
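Review bot: `CSRF_TOKEN_COOKIE_NAME` is bound only inside the `try` of the `@@ -19,7 +19,10 @@` hunk, yet the `@@ -99,6 +102,13 @@` hunk uses it as the default of `csrf_token_cookie_name`, and Python evaluates that default when the class body runs. If `httpx_oauth` is missing, the first import in the `try` raises before the constant is imported, and the `except ModuleNotFoundError` branch, as far as the hunk shows, sets only `BaseOAuth2`. Importing this module would then fail with `NameError`, even for applications that never mount an OAuth router. Either import the constant outside the `try` from a module with no optional dependency, or give the `except` branch a fallback binding with the same value as in `fastapi_users.router.oauth`.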
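Review bot: Nothing in the new keyword-only parameters of the `@@ -99,6 +102,13 @@` hunk stops a caller from combining `csrf_token_cookie_samesite="none"` with `csrf_token_cookie_secure=False`. Browsers reject a `SameSite=None` cookie that lacks `Secure`, so the CSRF cookie would be dropped silently and the callback check would presumably fail in a way that is hard to diagnose. A guard where the values are consumed, such as `if csrf_token_cookie_samesite == "none" and not csrf_token_cookie_secure: raise ValueError(...)`, would surface the misconfiguration when the router is built. The signature starts above the hunk, so the placement of the guard needs checking against the full method and against `get_oauth_router`.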
@@ -113,6 +123,15 @@ class FastAPIUsers(Generic[models.UP, models.ID]): :param is_verified_by_default: If True, the `is_verified` flag will be set to `True` on newly created user. Make sure the OAuth Provider you're using does verify the email address before enabling this flag. + :param csrf_token_cookie_name: Name of the cookie. + :param csrf_token_cookie_path: Cookie path. + :param csrf_token_cookie_domain: Cookie domain. + :param csrf_token_cookie_secure: Whether to only send the cookie to the + server via SSL request. + :param csrf_token_cookie_httponly: Whether to prevent access to the cookie + via JavaScript. + :param csrf_token_cookie_samesite: A string that specifies the samesite + strategy for the cookie. Valid values are lax, strict and none. Defaults to lax. """ return get_oauth_router( oauth_client,
@@ -122,6 +141,12 @@ class FastAPIUsers(Generic[models.UP, models.ID]):
 redirect_url,
 associate_by_email,
 is_verified_by_default,
+ csrf_token_cookie_name=csrf_token_cookie_name,
+ csrf_token_cookie_path=csrf_token_cookie_path,
+ csrf_token_cookie_domain=csrf_token_cookie_domain,
+ csrf_token_cookie_secure=csrf_token_cookie_secure,
+ csrf_token_cookie_httponly=csrf_token_cookie_httponly,
+ csrf_token_cookie_samesite=csrf_token_cookie_samesite,
 )
 def get_oauth_associate_router(
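Review bot: The new `:param` entries in the `@@ -113,6 +123,15 @@` docstring hunk do not say what the cookie protects or which settings keep the OAuth flow working. I would start with `:param csrf_token_cookie_name: Name of the cookie holding the CSRF token for the OAuth flow.` (purpose inferred from the parameter names; confirm against `get_oauth_router`). In the `csrf_token_cookie_secure` entry, "SSL request" should read "HTTPS", and it is worth stating that the default `True` keeps the cookie off plain-HTTP requests such as local development. The `samesite` entry should add that `none` requires `csrf_token_cookie_secure=True` and that `strict` typically withholds the cookie on the cross-site redirect back from the provider. The docstring starts above the hunk.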