diff --git a/api/src/utils/getPreProgramVariables.ts b/api/src/utils/getPreProgramVariables.ts
index e8a8fa8..5a9e512 100644
--- a/api/src/utils/getPreProgramVariables.ts
+++ b/api/src/utils/getPreProgramVariables.ts
@@ -6,12 +6,18 @@ export const getPreProgramVariables = (req: any): PreProgramVars => {
   const { user, accessToken } = req
   const csrfToken = req.headers['x-xsrf-token']
   const sessionId = req.cookies['connect.sid']
+  const { _csrf } = req.cookies
 
   const httpHeaders: string[] = []
 
   if (accessToken) httpHeaders.push(`Authorization: Bearer ${accessToken}`)
   if (csrfToken) httpHeaders.push(`x-xsrf-token: ${csrfToken}`)
-  if (sessionId) httpHeaders.push(`cookie: connect.sid=${sessionId}`)
+
+  const cookies: string[] = []
+  if (sessionId) cookies.push(`connect.sid=${sessionId}`)
+  if (_csrf) cookies.push(`_csrf=${_csrf}`)
+
+  if (cookies.length) httpHeaders.push(`cookie: ${cookies.join('; ')}`)
 
   return {
     username: user.username,