diff --git a/apiserver/main.py b/apiserver/main.py
index 89546a251424d18ff57325e591c2ed22f163e4af..5cba6e03e92656b04198c171588483d36936acbf 100644
--- a/apiserver/main.py
+++ b/apiserver/main.py
@@ -142,7 +142,7 @@ async def keycloak_token(request: Request):
     # set token in cookie, this can then be extractet via the frontend javascript
     response = RedirectResponse("/login.html?external_auth=True")
     response.set_cookie(
-        key="datacat_auth_token", value=access_token, secure=True, domain=".localhost", expires=datetime.utcnow()+timedelta(minutes=5) # TODO get domain from settings
+        key="datacat_auth_token", value=access_token, secure=True, expires=datetime.utcnow()+timedelta(minutes=5) # TODO get domain from settings
     ) 
 
     return response