diff --git a/weed/security/jwt.go b/weed/security/jwt.go
index 446c3c21d..d859e9ea8 100644
--- a/weed/security/jwt.go
+++ b/weed/security/jwt.go
@@ -83,6 +83,14 @@ func GetJwt(r *http.Request) EncodedJwt {
 		}
 	}
 
+	// Get token from http only cookie
+	if tokenStr == "" {
+		token, err := r.Cookie("AT")
+		if err == nil {
+			tokenStr = token.Value
+		}
+	}
+
 	return EncodedJwt(tokenStr)
 }