diff --git a/lib/authenticated-api/authenticated-api-props.ts b/lib/authenticated-api/authenticated-api-props.ts
index c61566f..8b7bbf9 100644
--- a/lib/authenticated-api/authenticated-api-props.ts
+++ b/lib/authenticated-api/authenticated-api-props.ts
@@ -19,6 +19,7 @@ export interface AuthenticatedApiProps {
 domainName: string;
 certificateArn: string;
 corsDomain?: string[];
+ corsAllowCredentials?: boolean;
 // Access logs via CloudWatch log group
 logging?: {
diff --git a/lib/authenticated-api/authenticated-api.ts b/lib/authenticated-api/authenticated-api.ts
index ed39577..96ad25d 100644
--- a/lib/authenticated-api/authenticated-api.ts
+++ b/lib/authenticated-api/authenticated-api.ts
@@ -55,7 +55,7 @@ export class AuthenticatedApi extends Construct {
 corsPreflight: {
 allowHeaders: ["*"],
 allowMethods: [apigatewayv2_alpha.CorsHttpMethod.ANY],
- allowCredentials: true,
+ allowCredentials: props.corsAllowCredentials ?? true,
 allowOrigins: props.corsDomain,
 },
 }),
diff --git a/test/infra/authenticated-api/authenticated-api.test.ts b/test/infra/authenticated-api/authenticated-api.test.ts
index c90279e..0fd2a48 100644
--- a/test/infra/authenticated-api/authenticated-api.test.ts
+++ b/test/infra/authenticated-api/authenticated-api.test.ts
@@ -99,6 +99,15 @@ describe("AuthenticatedApi", () => {
 {
 Name: "test-MyTestAuthenticatedApi",
 ProtocolType: "HTTP",
+ CorsConfiguration: {
+ AllowCredentials: true,
+ AllowHeaders: ["*"],
+ AllowMethods: ["*"],
+ AllowOrigins: [
+ "http://localhost:4200",
+ `https://test-simple-authenticated-api.talis.com`,
+ ],
+ },
 },
 );
 });
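Review bot: The new `corsAllowCredentials` property in `AuthenticatedApiProps` has no comment, so a consumer cannot tell from the interface that omitting it leaves credentialed CORS switched on. The default only shows in the construct (`props.corsAllowCredentials ?? true`). Following the `//` comment style already used for `logging`, I would add above it: `// Sets Access-Control-Allow-Credentials on the CORS preflight; defaults to true when omitted. Set to false if corsDomain contains a wildcard.` The interface body continues outside the hunk.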
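Review bot: `allowCredentials: props.corsAllowCredentials ?? true` keeps credentialed CORS as the opt-out default, and nothing visible in this hunk checks it against `allowOrigins: props.corsDomain`. Browsers refuse a credentialed response for a wildcard origin, so a caller passing `corsDomain: ["*"]` without also setting the new flag to false gets a configuration that fails at deploy time or in the browser rather than at synth. A guard before the API is constructed would surface that early: `if ((props.corsAllowCredentials ?? true) && props.corsDomain?.includes("*")) throw new Error("corsAllowCredentials must be false when corsDomain contains '*'");`. The constructor starts and ends outside the hunk, so such a check may already exist elsewhere.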
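Review bot: The added `CorsConfiguration` expectation pins only the default path (`AllowCredentials: true`), so the new `corsAllowCredentials` prop is never exercised with an explicit value. A regression that ignored the prop and hard-coded `true` again would still pass this test. I would add a second case that builds the construct with `corsAllowCredentials: false` and asserts the synthesized template does not carry `AllowCredentials: true`. Whether the key is emitted as `false` or omitted should be confirmed against the synthesized output. The `describe` block and the props used to build the stack are outside the hunk.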