diff --git a/lib/new-admin/README.md b/lib/new-admin/README.md
index 2f22b754..8de065dd 100644
--- a/lib/new-admin/README.md
+++ b/lib/new-admin/README.md
@@ -3,4 +3,4 @@
 Differences from main lamassu-admin:
 
 - `bin/new-lamassu-register <username>` to add a user
-- `bin/insecure-dev` to run the server
+- `bin/insecure-dev.sh` to run the server
diff --git a/lib/new-admin/admin-server.js b/lib/new-admin/admin-server.js
index 224982c9..72a5ee04 100644
--- a/lib/new-admin/admin-server.js
+++ b/lib/new-admin/admin-server.js
@@ -1,6 +1,7 @@
 const fs = require('fs')
 const express = require('express')
 const https = require('https')
+const cors = require('cors')
 const helmet = require('helmet')
 const cookieParser = require('cookie-parser')
 const { ApolloServer, AuthenticationError } = require('apollo-server-express')
@@ -49,6 +50,9 @@ apolloServer.applyMiddleware({
   }
 })
 
+// cors on app for /api/register endpoint.
+app.use(cors({ credentials: true, origin: devMode && 'https://localhost:3000' }))
+
 app.get('/api/register', (req, res, next) => {
   const otp = req.query.otp
 
diff --git a/new-lamassu-admin/src/pages/AuthRegister.js b/new-lamassu-admin/src/pages/AuthRegister.js
index 0e818930..e3e1152f 100644
--- a/new-lamassu-admin/src/pages/AuthRegister.js
+++ b/new-lamassu-admin/src/pages/AuthRegister.js
@@ -13,6 +13,9 @@ const AuthRegister = () => {
   useAxios({
     url: `https://localhost:8070/api/register?otp=${query.get('otp')}`,
     method: 'GET',
+    options: {
+      withCredentials: true
+    },
     trigger: [],
     customHandler: (err, res) => {
       if (err) return