diff --git a/apiserver/main.py b/apiserver/main.py
index 25da3af9a686ba17a818ad5f2eecac177c9184fb..89546a251424d18ff57325e591c2ed22f163e4af 100644
--- a/apiserver/main.py
+++ b/apiserver/main.py
@@ -140,7 +140,7 @@ async def keycloak_token(request: Request):
     log.debug("Externally authenticed User: '%s' requested /keycloak_token", datacat_user.username)
 
     # set token in cookie, this can then be extractet via the frontend javascript
-    response = RedirectResponse("http://localhost:9000/login.html?external_auth=True")
+    response = RedirectResponse("/login.html?external_auth=True")
     response.set_cookie(
         key="datacat_auth_token", value=access_token, secure=True, domain=".localhost", expires=datetime.utcnow()+timedelta(minutes=5) # TODO get domain from settings
     )