diff --git a/src/main/java/hello/cluebackend/domain/user/presentation/RegisterController.java b/src/main/java/hello/cluebackend/domain/user/presentation/RegisterController.java
index 11f6154a..a93c64c3 100644
--- a/src/main/java/hello/cluebackend/domain/user/presentation/RegisterController.java
+++ b/src/main/java/hello/cluebackend/domain/user/presentation/RegisterController.java
@@ -7,6 +7,7 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpSession;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
diff --git a/src/main/java/hello/cluebackend/global/config/CustomSuccessHandler.java b/src/main/java/hello/cluebackend/global/config/CustomSuccessHandler.java
index 2d533894..0e75e4b6 100644
--- a/src/main/java/hello/cluebackend/global/config/CustomSuccessHandler.java
+++ b/src/main/java/hello/cluebackend/global/config/CustomSuccessHandler.java
@@ -70,7 +70,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
     private Cookie createCookie(String key, String value) {
         Cookie cookie = new Cookie(key, value);
         cookie.setMaxAge(7 * 24  * 60 * 60);
-        // cookie.setSecure(true);
+         cookie.setSecure(true);
         cookie.setPath("/");
         cookie.setHttpOnly(true);
 
diff --git a/src/main/java/hello/cluebackend/global/config/SecurityConfig.java b/src/main/java/hello/cluebackend/global/config/SecurityConfig.java
index 32c46ffc..38110635 100644
--- a/src/main/java/hello/cluebackend/global/config/SecurityConfig.java
+++ b/src/main/java/hello/cluebackend/global/config/SecurityConfig.java
@@ -95,7 +95,8 @@ public SecurityFilterChain apiChain(HttpSecurity http) throws Exception {
                         .requestMatchers(
                                 "/", "/refresh-token", "/h2-console/**",
                                 "/favicon.ico", "/error",
-                                "/swagger-ui/**", "/swagger-resources/**", "/v3/api-docs/**"
+                                "/swagger-ui/**", "/swagger-resources/**", "/v3/api-docs/**",
+                                "/test"
                         ).permitAll()
                         .anyRequest().authenticated()
                 )
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 618174ea..7515e8ec 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -73,5 +73,11 @@ front:
   base-url: ${FRONT_BASE_URL}
 
 server:
+  servlet:
+    session:
+      cookie:
+        same-site: none
+        secure: true
+
   address: 0.0.0.0
   port: 8080
\ No newline at end of file