diff --git a/src/instance/app.cfg.example b/src/instance/app.cfg.example
index 3c515c4f..009ac9fd 100644
--- a/src/instance/app.cfg.example
+++ b/src/instance/app.cfg.example
@@ -28,6 +28,9 @@ GLOBUS_ADMIN_FILE_USER_NAME = 'shirey'
 GLOBUS_GENOMIC_DATA_FILE_GROUP_NAME = 'hubseq'
 GLOBUS_CONSORTIUM_FILE_GROUP_NAME = 'hubmap'
+#Sets the domain for the cookie set upon login to the portal. Use `localhost` for local development
+COOKIE_DOMAIN = '.sennetconsortium.org'
+
 #Entity-api
 ENTITY_WEBSERVICE_URL = 'http://entity-api:8080'
diff --git a/src/routes/auth/__init__.py b/src/routes/auth/__init__.py
index 31fe9a5a..e1c8e91f 100644
--- a/src/routes/auth/__init__.py
+++ b/src/routes/auth/__init__.py
@@ -1,7 +1,8 @@
-from flask import Blueprint, redirect, request, session, current_app, Response
+from flask import Blueprint, redirect, request, session, current_app, Response, make_response
 from globus_sdk import AccessTokenAuthorizer, AuthClient, ConfidentialAppAuthClient
 import json
 import logging
+import base64
 from hubmap_commons.hm_auth import AuthHelper
@@ -102,8 +103,15 @@ def _login(redirect_uri, key = 'tokens'):
 session[key] = token_response.by_resource_server
 logger.info(f"Logged in User: {user_info['name']}")
- # Finally redirect back to the client
- return redirect(redirect_uri + '?info=' + str(json_str))
+
+ # encode this to avoid the \\" type strings when reading cookies from the client
+ b = base64.b64encode(bytes(json_str, 'utf-8')) # bytes
+ base64_json_str = b.decode('utf-8') # convert bytes to string
+
+ # create a response for the user
+ response = make_response(redirect(redirect_uri))
+ response.set_cookie('info', base64_json_str, expires=2**31 - 1, domain=current_app.config['COOKIE_DOMAIN'])
+ return response
 def _logout(redirect_uri, app_name, key='tokens'):
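Review bot: The leading-dot value on the new `COOKIE_DOMAIN` line makes the login cookie readable by every host under sennetconsortium.org, and the comment above it does not say so; operators copying this example should know the scope they are granting. Suggest extending the comment to `#Sets the domain for the cookie set upon login to the portal. A leading dot shares the cookie with all subdomains; set to None to scope it to the portal host only. Use None (not 'localhost') for local development`. The `localhost` hint is questionable: browsers generally do not honour a Domain attribute of `localhost`, whereas omitting the attribute (Flask's `domain=None`) yields a host-only cookie that works locally — worth confirming against the browsers the team tests with.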
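Review bot: The new `set_cookie` call in `_login` sets an `info` cookie with no `secure` or `samesite` attribute and an `expires` of `2**31 - 1`, which Werkzeug reads as a Unix timestamp (January 2038), so data that previously lived only transiently in the redirect's query string now persists in the browser for years and is sent over plain HTTP and on cross-site requests. The cookie is read by client-side script per the comment, so `httponly` cannot be used, but the other attributes can: `response.set_cookie('info', base64_json_str, max_age=<lifetime matching the session/token validity>, domain=current_app.config['COOKIE_DOMAIN'], secure=True, samesite='Lax')`. What `json_str` contains is built outside this hunk; if it carries the Globus tokens or group memberships, the lifetime should track their validity and the ~4 KB per-cookie limit should be checked, since base64 inflates the payload by a third. The comment on the encoding line should also make clear that base64 is an escaping convenience, not protection, e.g. `# base64 only avoids quote-escaping issues in document.cookie; it is not encryption`. Minor style: `bytes(json_str, 'utf-8')` is more idiomatically `json_str.encode('utf-8')`. `_login` begins before this hunk.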