diff --git a/TES/tes/apiendpoints.py b/TES/tes/apiendpoints.py
index 8df948ffdfede7ce5e77b6b4ae4c362ef10bb5d8..76c8f34930404cc968d1d7d6c02a31870e93fd18 100644
--- a/TES/tes/apiendpoints.py
+++ b/TES/tes/apiendpoints.py
@@ -475,7 +475,7 @@ class CreateTunnel(Resource):
                    localbind=localbind, authtok=authtok)
         response = make_response("")
         response.mime_type = 'application/json'
-        response.set_cookie('twsproxyauth', authtok)
+        response.set_cookie('twsproxyauth', authtok, httponly=True)
         logger.debug('JobConnect.connect: connecting via redirect with cookie authtok set to  {}'.format(authtok))
         return response