diff --git a/server/src/main/java/server/haengdong/config/AdminInterceptor.java b/server/src/main/java/server/haengdong/config/AdminInterceptor.java
index da9149b29..c3ca1c943 100644
--- a/server/src/main/java/server/haengdong/config/AdminInterceptor.java
+++ b/server/src/main/java/server/haengdong/config/AdminInterceptor.java
@@ -3,6 +3,7 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpMethod;
 import org.springframework.web.servlet.HandlerInterceptor;
 import server.haengdong.application.AuthService;
 import server.haengdong.exception.AuthenticationException;
@@ -23,8 +24,8 @@ public AdminInterceptor(AuthService authService, AuthenticationExtractor authent
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
         log.trace("login request = {}", request.getRequestURI());
 
-        String method = request.getMethod();
-        if (method.equals("GET")) {
+        HttpMethod method = HttpMethod.valueOf(request.getMethod());
+        if (HttpMethod.GET.equals(method) || HttpMethod.OPTIONS.equals(method)) {
             return true;
         }
 
diff --git a/server/src/main/resources/application.yml b/server/src/main/resources/application.yml
index e3465c9ad..28c87485f 100644
--- a/server/src/main/resources/application.yml
+++ b/server/src/main/resources/application.yml
@@ -29,7 +29,7 @@ security:
       expire-length: 604800 # 1주일
 
 cookie:
-  http-only: true
+  http-only: false
   secure: false
   path: /
   max-age: 7D