diff --git a/carbonserver/carbonserver/api/routers/authenticate.py b/carbonserver/carbonserver/api/routers/authenticate.py
index 47cd43252..58e698dd2 100644
--- a/carbonserver/carbonserver/api/routers/authenticate.py
+++ b/carbonserver/carbonserver/api/routers/authenticate.py
@@ -118,7 +118,8 @@ async def get_login(
             SESSION_COOKIE_NAME,
             res.json()["access_token"],
             httponly=True,
-            secure=False,
+            secure=True,
+            samesite='Lax',
         )
         return response