diff --git a/app/api/auth.py b/app/api/auth.py
index b9ce637..4d8edb0 100644
--- a/app/api/auth.py
+++ b/app/api/auth.py
@@ -66,8 +66,8 @@ def _set_refresh_cookie(response: Response, token: str):
         key="refresh_token",
         value=token,
         httponly=True,
-        secure=True,
-        samesite="strict",
+        secure=False,  # Nginx가 TLS 종료, 내부 트래픽은 HTTP
+        samesite="lax",
         max_age=REFRESH_TOKEN_EXPIRE_DAYS * 86400,
         path="/api/auth",
     )