diff --git a/internal/auth/delivery/http/auth_http.go b/internal/auth/delivery/http/auth_http.go
index 2182a99..dcd9cbf 100644
--- a/internal/auth/delivery/http/auth_http.go
+++ b/internal/auth/delivery/http/auth_http.go
@@ -240,6 +240,7 @@ func (h *RequestHandler) handleAuthorize(ctx *http.RequestCtx) {
 func (h *RequestHandler) handleVerify(ctx *http.RequestCtx) {
 	ctx.Response.Header.Set(http.HeaderAccessControlAllowOrigin, h.config.Server.Domain)
 	ctx.SetContentType(common.MIMEApplicationJSONCharsetUTF8)
+	ctx.Request.Header.DelCookie("__Secure-csrf")
 
 	encoder := json.NewEncoder(ctx)