diff --git a/auth/oauth.py b/auth/oauth.py
index 90903583..ee474774 100644
--- a/auth/oauth.py
+++ b/auth/oauth.py
@@ -83,5 +83,7 @@ async def oauth_authorize(request):
 }
 user = Identity.identity_oauth(user_input)
 token = await Authorize.authorize(user, device="pc")
- redirect_uri = "%s%s" % (OAUTH_CALLBACK_URL, quote_plus(token))
- return RedirectResponse(url = redirect_uri)
+
+ response = RedirectResponse(url = OAUTH_CALLBACK_URL)
+ response.set_cookie("token", token)
+ return response
diff --git a/settings.py b/settings.py
index 4a10faf4..3998a99f 100644
--- a/settings.py
+++ b/settings.py
@@ -5,7 +5,7 @@ PORT = 8080
 INBOX_SERVICE_PORT = 8081
 BACKEND_URL = environ.get("BACKEND_URL") or "https://localhost:8080"
-OAUTH_CALLBACK_URL = environ.get("OAUTH_CALLBACK_URL") or "https://localhost:8080/auth/key-"
+OAUTH_CALLBACK_URL = environ.get("OAUTH_CALLBACK_URL") or "https://localhost:8080"
 RESET_PWD_URL = environ.get("RESET_PWD_URL") or "https://localhost:8080/reset_pwd"
 DB_URL = environ.get("DATABASE_URL") or environ.get("DB_URL") or "sqlite:///db.sqlite3"
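Review bot: The new `response.set_cookie("token", token)` in oauth_authorize issues the session token with no cookie attributes, so it is readable by page scripts and is not restricted to HTTPS. Taking the token out of the redirect URL keeps it out of browser history, access logs and Referer headers, but the cookie should then carry the protective flags; assuming this is Starlette's RedirectResponse, `response.set_cookie("token", token, secure=True, httponly=True, samesite="lax")` covers that. If the front end has to read the token from script, `httponly` cannot be set and that trade-off deserves a comment next to the call. The cookie is also scoped to the host serving this response, so it only reaches the callback page when OAUTH_CALLBACK_URL (whose default changes in settings.py) points at the same host. The function body starts outside the hunk, so the construction of `user_input` is not covered here.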