diff --git a/src/Infrastructure/DependencyInjection.cs b/src/Infrastructure/DependencyInjection.cs
index 4c2c6e1c..f053e941 100644
--- a/src/Infrastructure/DependencyInjection.cs
+++ b/src/Infrastructure/DependencyInjection.cs
@@ -308,10 +308,17 @@ private static IServiceCollection AddAuthenticationService(this IServiceCollecti
         services.AddSingleton();
+        CookieSecurePolicy policy = CookieSecurePolicy.SameAsRequest;
+        if(configuration["IdentitySettings:SecureCookies"] is not null && configuration["IdentitySettings:SecureCookies"]!.Equals("True", StringComparison.CurrentCultureIgnoreCase))
+        {
+            policy = CookieSecurePolicy.Always;
+        }
+
+
         services.ConfigureApplicationCookie(options =>
         {
             options.LoginPath = "/pages/authentication/login";
             options.Cookie.SameSite = SameSiteMode.Strict;
-            options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
+            options.Cookie.SecurePolicy = policy;
         });
         services
diff --git a/src/Server.UI/appsettings.json b/src/Server.UI/appsettings.json
index 41383042..5296281c 100644
--- a/src/Server.UI/appsettings.json
+++ b/src/Server.UI/appsettings.json
@@ -70,7 +70,8 @@
     "RequireUpperCase": true,
     "RequireLowerCase": true,
     "DefaultLockoutTimeSpan": 30,
-    "MaxFailedAccessAttempts": 5
+    "MaxFailedAccessAttempts": 5,
+    "SecureCookies": true
   },
   "Notify": {
     "ApiKey": "",
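Review bot: The new SecureCookies check compares the configuration string with `StringComparison.CurrentCultureIgnoreCase`, so on a host whose current culture folds case differently (the Turkish-I case) `"true"` does not match `"True"` and the cookie silently falls back to `SameAsRequest`, the weaker of the two policies; a security flag should be parsed culture-invariantly. `bool.TryParse` accepts `true`/`True`/`TRUE` independent of culture and also removes the double indexer lookup and the `!`: `var policy = bool.TryParse(configuration["IdentitySettings:SecureCookies"], out var secureCookies) && secureCookies` / `    ? CookieSecurePolicy.Always` / `    : CookieSecurePolicy.SameAsRequest;`. The fallback is not harmless: with `SameAsRequest`, a deployment behind a TLS-terminating proxy that does not forward the original scheme issues the authentication cookie without the Secure attribute, and any value that fails to parse (a typo, `"yes"`, `1`) selects that policy without any signal, so consider logging or throwing on an unrecognised value rather than defaulting down. AddAuthenticationService begins before this hunk and continues after it.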