diff --git a/src/fastapi_oauth2/__init__.py b/src/fastapi_oauth2/__init__.py
index 80256cd..81a2814 100644
--- a/src/fastapi_oauth2/__init__.py
+++ b/src/fastapi_oauth2/__init__.py
@@ -1 +1 @@
-__version__ = "1.0.0-beta.2"
+__version__ = "1.0.0-beta.3"
diff --git a/src/fastapi_oauth2/core.py b/src/fastapi_oauth2/core.py
index 14917e4..1eb6c59 100644
--- a/src/fastapi_oauth2/core.py
+++ b/src/fastapi_oauth2/core.py
@@ -132,7 +132,8 @@ async def token_redirect(self, request: Request, **kwargs) -> RedirectResponse:
             value=f"Bearer {access_token}",
             max_age=request.auth.expires,
             expires=request.auth.expires,
-            httponly=request.auth.http,
+            secure=not request.auth.http,
+            httponly=True,
         )
         return response