diff --git a/modules/security/jwtService.py b/modules/security/jwtService.py
index 2be45c5b..87e226c7 100644
--- a/modules/security/jwtService.py
+++ b/modules/security/jwtService.py
@@ -82,10 +82,13 @@ def clearAccessTokenCookie(response: Response) -> None:
     Clear access token cookie by setting it to expire immediately.
     Uses both raw header manipulation and FastAPI's delete_cookie for maximum browser compatibility.
     """
+    # Build secure flag based on environment
+    secure_flag = "; Secure" if USE_SECURE_COOKIES else ""
+
     # Primary method: Raw Set-Cookie header for guaranteed deletion
     response.headers.append(
         "Set-Cookie",
-        f"auth_token=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; SameSite=Strict"
+        f"auth_token=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly{secure_flag}; SameSite=Strict"
     )
     # Fallback: Also use FastAPI's built-in method
@@ -97,10 +100,13 @@ def clearRefreshTokenCookie(response: Response) -> None:
     Clear refresh token cookie by setting it to expire immediately.
     Uses both raw header manipulation and FastAPI's delete_cookie for maximum browser compatibility.
     """
+    # Build secure flag based on environment
+    secure_flag = "; Secure" if USE_SECURE_COOKIES else ""
+
     # Primary method: Raw Set-Cookie header for guaranteed deletion
     response.headers.append(
         "Set-Cookie",
-        f"refresh_token=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; SameSite=Strict"
+        f"refresh_token=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly{secure_flag}; SameSite=Strict"
     )
     # Fallback: Also use FastAPI's built-in method
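Review bot: The `secure_flag` expression and the full deletion attribute string are now duplicated verbatim in clearAccessTokenCookie and again in clearRefreshTokenCookie (second hunk), so the two deletions will drift the next time a cookie attribute changes; a small module-level helper that takes the cookie name would keep both in lockstep. A browser only treats the Max-Age=0 header as matching an existing cookie when name, Path and Domain agree, and a Secure cookie cannot be overwritten from a non-secure context, so the setter for these cookies (not in this diff) should derive its `Secure` attribute from the same `USE_SECURE_COOKIES` flag. The `response.delete_cookie` fallback that follows each hunk is also out of view; if it does not pass `secure=USE_SECURE_COOKIES`, `httponly=True` and `samesite="strict"`, the fallback header will carry different attributes from the primary one. Both functions' bodies continue past the end of their hunks.
```python
def _deletion_cookie_header(name: str) -> str:
    """Set-Cookie value that expires cookie *name* immediately, with the module's cookie flags."""
    secure_flag = "; Secure" if USE_SECURE_COOKIES else ""
    return (
        f"{name}=deleted; Path=/; Max-Age=0; "
        f"Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly{secure_flag}; SameSite=Strict"
    )

# … unchanged: clearAccessTokenCookie signature and docstring …
    response.headers.append("Set-Cookie", _deletion_cookie_header("auth_token"))
# … unchanged: delete_cookie fallback …

# … unchanged: clearRefreshTokenCookie signature and docstring …
    response.headers.append("Set-Cookie", _deletion_cookie_header("refresh_token"))
# … unchanged: delete_cookie fallback …
```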