diff --git a/services/workflows-service/src/main.ts b/services/workflows-service/src/main.ts
index 10778a9b7e..ca9b2be11a 100644
--- a/services/workflows-service/src/main.ts
+++ b/services/workflows-service/src/main.ts
@@ -99,7 +99,7 @@ const main = async () => {
       name: 'session',
       keys: [env.SESSION_SECRET],
       httpOnly: env.ENVIRONMENT_NAME !== 'local',
-      secure: true,
+      secure: env.ENVIRONMENT_NAME !== 'local',
       // lax - Cookies are sent with same-site requests and some cross-site GET requests.
       sameSite: env.ENVIRONMENT_NAME !== 'local' ? 'strict' : 'lax',
       maxAge: 1000 * 60 * env.SESSION_EXPIRATION_IN_MINUTES,