diff --git a/server/Recruit-Api/src/main/java/com/econovation/recruit/api/user/controller/UserController.java b/server/Recruit-Api/src/main/java/com/econovation/recruit/api/user/controller/UserController.java
index dffcf029..d268b72d 100644
--- a/server/Recruit-Api/src/main/java/com/econovation/recruit/api/user/controller/UserController.java
+++ b/server/Recruit-Api/src/main/java/com/econovation/recruit/api/user/controller/UserController.java
@@ -16,6 +16,9 @@
 import com.econovation.recruitdomain.domains.interviewer.domain.Role;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -54,8 +57,20 @@ public ResponseEntity issueToken() {
 @Operation(summary = "로그인합니다.", description = "accessToken, refreshToken을 발급합니다.")
 @PostMapping("/login")
- public ResponseEntity login(@RequestBody LoginRequestDto loginRequestDto) {
+ public ResponseEntity login(@RequestBody LoginRequestDto loginRequestDto, HttpServletResponse response) {
 TokenResponse tokenResponse = userLoginUseCase.execute(loginRequestDto);
+ Cookie accessCookie = new Cookie("ACCESSTOKEN", tokenResponse.getAccessToken());
+ accessCookie.setHttpOnly(true);
+ accessCookie.setPath("/");
+ accessCookie.setMaxAge(60 * 60 * 24 * 30);
+ response.addCookie(accessCookie);
+
+ Cookie refreshCookie = new Cookie("REFRESHTOKEN", tokenResponse.getRefreshToken());
+ accessCookie.setHttpOnly(true);
+ accessCookie.setPath("/");
+ accessCookie.setMaxAge(60 * 60 * 24 * 30);
+ response.addCookie(refreshCookie);
+
 return new ResponseEntity<>(tokenResponse, HttpStatus.OK);
 }
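Review bot: In the `login` hunk, the three setters that follow `new Cookie("REFRESHTOKEN", ...)` are called on `accessCookie`, so the refresh cookie is added without the HttpOnly flag, with the default path and as a session cookie, and the refresh token stays readable by page script. They should target the new object: `refreshCookie.setHttpOnly(true);`, `refreshCookie.setPath("/");`, `refreshCookie.setMaxAge(60 * 60 * 24 * 30);`. Neither cookie calls `setSecure(true)`, so nothing in this hunk keeps the tokens off plain-HTTP requests. The method still returns `tokenResponse` in the response body, which leaves both tokens available to script regardless of HttpOnly; whether existing clients depend on that body is not visible from this hunk.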