diff --git a/api-server/server/middlewares/csurf.js b/api-server/server/middlewares/csurf.js
index e21c2e638c9..af7ecafb094 100644
--- a/api-server/server/middlewares/csurf.js
+++ b/api-server/server/middlewares/csurf.js
@@ -5,7 +5,7 @@ export default function() {
     cookie: {
       domain: process.env.COOKIE_DOMAIN || 'localhost',
       sameSite: 'strict',
-      secure: true
+      secure: process.env.FREECODECAMP_NODE_ENV === 'production'
     }
   });
   return function csrf(req, res, next) {