diff --git a/backend/api/auth_api.py b/backend/api/auth_api.py
index cf38307..07066b0 100644
--- a/backend/api/auth_api.py
+++ b/backend/api/auth_api.py
@@ -86,14 +86,14 @@ def _set_auth_cookies(resp, access_token: str, raw_refresh_token: str):
 'refresh_token', raw_refresh_token, httponly=True, secure=True, samesite='Strict', max_age=expiry_days * 24 * 3600,
- path='/auth',
+ path='/api/auth',
 )
 def _clear_auth_cookies(resp):
 """Clear both access and refresh token cookies."""
 resp.set_cookie('access_token', '', expires=0, httponly=True, secure=True, samesite='Strict')
- resp.set_cookie('refresh_token', '', expires=0, httponly=True, secure=True, samesite='Strict', path='/auth')
+ resp.set_cookie('refresh_token', '', expires=0, httponly=True, secure=True, samesite='Strict', path='/api/auth')
 def _purge_expired_tokens(user_id: str):
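Review bot: `_clear_auth_cookies` now expires `refresh_token` only at `path='/api/auth'`, so a browser still holding a cookie issued under the old `/auth` path keeps it after logout, because a deletion only matches a cookie with the same name, domain and path. If the previous path was ever deployed, keep one extra expiry for it during the transition, `resp.set_cookie('refresh_token', '', expires=0, httponly=True, secure=True, samesite='Strict', path='/auth')`, and treat server-side revocation of the refresh token as the real logout control (whether that happens is not visible in this hunk). The path literal is also written twice; a shared module constant, for example `REFRESH_COOKIE_PATH = '/api/auth'`, would keep the set and clear calls from drifting apart. The body of `_set_auth_cookies` starts above the hunk, so the `access_token` cookie's attributes could not be checked here.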