diff --git a/src/app/geosource/services/elasticsearch.service.ts b/src/app/geosource/services/elasticsearch.service.ts
index c548b3dc9504b247654d464dffb793ee9b79ec73..8def563cb11eacbaaf71328e70e1177fe3ef9f24 100644
--- a/src/app/geosource/services/elasticsearch.service.ts
+++ b/src/app/geosource/services/elasticsearch.service.ts
@@ -1,15 +1,13 @@
-import { environment } from '../../../environments/environment';
 import { Injectable } from '@angular/core';
 import {
   ElasticsearchOptions, IElasticsearchResponse,
   SearchSuggestion, SearchCompletion, Filter,
 } from '../models';
 import { HttpClient } from '@angular/common/http';
-import { Observable, of } from 'rxjs';
+import { Observable } from 'rxjs';
 import { map, catchError } from 'rxjs/operators';
-import { ErrorService, AppConfigService } from '../../core/services';
+import { ErrorService } from '../../core/services';
 import { notificationMessages } from '../../../i18n/traductions';
-import { StorageService } from '../../core/services/storage.service';
 import { IPostsESOptions } from '../models/elasticsearch-options.model';
 import { Aggregation } from '../models/filter.model';
 import { scopesResearch } from '../models/scopes-research';
@@ -22,8 +20,6 @@ export class ElasticsearchService {
 
   constructor(
     private _errorService: ErrorService,
-    private _storageService: StorageService,
-    private _appConfigService: AppConfigService,
     private _http: HttpClient,
   ) {
     this.elasticSearchUrl = `${APP_CONFIG.backendUrls.elasticsearch}` +
@@ -69,6 +65,7 @@ export class ElasticsearchService {
 
   getDatasetMetadata(id: number | string): Observable<IElasticsearchResponse> {
     return this._http.request<IElasticsearchResponse>('POST', this.elasticSearchUrl, {
+      withCredentials: true,
       body: {
         from: 0,
         size: 1,
@@ -130,6 +127,7 @@ export class ElasticsearchService {
     }
     return this._http.request<IElasticsearchResponse>('POST', this.elasticSearchUrl, {
       body,
+      withCredentials: true,
     }).pipe(
       catchError(
         (err) => {
@@ -196,6 +194,7 @@ export class ElasticsearchService {
 
     return this._http.request<IElasticsearchResponse>('POST', this.elasticSearchUrl, {
       body: request,
+      withCredentials: true,
     }).pipe(
       map((e) => {
         // We will loop over all the hits, look if an highlight have been found,
@@ -245,6 +244,7 @@ export class ElasticsearchService {
       .replace(/\&\&/g, '\\&&'); // replace &&
 
     return this._http.request<IElasticsearchResponse>('POST', this.elasticSearchUrl, {
+      withCredentials: true,
       body: {
         _source: false,
         query: {
@@ -332,6 +332,7 @@ export class ElasticsearchService {
   */
   getSuggestion(query: string): Observable<SearchSuggestion> {
     return this._http.request<IElasticsearchResponse>('POST', this.elasticSearchUrl, {
+      withCredentials: true,
       body: {
         suggest: {
           text: query,
@@ -384,6 +385,7 @@ export class ElasticsearchService {
 
     // Set query string options
     const requestOptions = {
+      withCredentials: true,
       body: {
         from,
         size: options.pageSize,
@@ -727,6 +729,7 @@ export class ElasticsearchService {
   getNumberDatasetsByOrganization() {
     // Set query string options
     const requestOptions = {
+      withCredentials: true,
       body: {
         from: 0,
         size: 0,
@@ -788,6 +791,7 @@ export class ElasticsearchService {
 
   getDatasetChildren(uuid: string): Observable<IElasticsearchResponse> {
     return this._http.request<IElasticsearchResponse>('POST', this.elasticSearchUrl, {
+      withCredentials: true,
       body: {
         size: 500,
         _source: ['metadata-fr.title', 'metadata-fr.geonet:info.uuid', 'metadata-fr.image'],
@@ -820,6 +824,7 @@ export class ElasticsearchService {
 
   getDatasetParentInfo(uuid: string): Observable<IElasticsearchResponse> {
     return this._http.request<IElasticsearchResponse>('POST', this.elasticSearchUrl, {
+      withCredentials: true,
       body: {
         _source: ['metadata-fr.title', 'metadata-fr.image'],
         query: {
@@ -870,6 +875,7 @@ export class ElasticsearchService {
 
     return this._http.request<IElasticsearchResponse>('POST', this.elasticSearchUrl, {
       body,
+      withCredentials: true,
     }).pipe(
       catchError(
         (err) => {
@@ -882,6 +888,7 @@ export class ElasticsearchService {
   getDataFromCoordinates(filter, metadataId) {
     // Set query string options
     const requestOptions = {
+      withCredentials: true,
       body: {
         size: 1,
         query: {
@@ -930,6 +937,7 @@ export class ElasticsearchService {
   getWPPosts(options?: ElasticsearchOptions) {
 
     const requestOptions = {
+      withCredentials: true,
       body: {
       },
     };
@@ -993,6 +1001,7 @@ export class ElasticsearchService {
   */
   getPosts(options?: IPostsESOptions): Observable<IElasticsearchResponse> {
     const requestOptions = {
+      withCredentials: true,
       body: {
         query: {
           bool: {
@@ -1065,6 +1074,7 @@ export class ElasticsearchService {
 
   getLatestDatasets(size?: number) {
     const requestOptions = {
+      withCredentials: true,
       body: {
         from: 0,
         size: (size ? size : 5),
diff --git a/src/app/user/interceptors/auth-interceptor.ts b/src/app/user/interceptors/auth-interceptor.ts
index 9cec9ac205a530cbbf6da900d7d4567b048d0253..2f8f113eaf85d5183915cb387743d1faed7300e5 100644
--- a/src/app/user/interceptors/auth-interceptor.ts
+++ b/src/app/user/interceptors/auth-interceptor.ts
@@ -16,7 +16,6 @@ export class AuthInterceptor implements HttpInterceptor {
     if (xsrfToken) {
       request = req.clone({
         headers: req.headers.set('x-xsrf-token', xsrfToken),
-        withCredentials: true,
       });
     }
     return next.handle(request);
diff --git a/src/app/user/services/user-services.service.ts b/src/app/user/services/user-services.service.ts
index 32315f277043d80f09b36b93d41a0cb9e0ad4a80..432e03fcedbc5b8e96b1c5b6649395deeb8a4bea 100644
--- a/src/app/user/services/user-services.service.ts
+++ b/src/app/user/services/user-services.service.ts
@@ -15,7 +15,10 @@ export class UserServicesService {
   ) { }
 
   getUserResources(): Observable<IResource[]> {
-    return this._http.get<IResource[]>(`${APP_CONFIG.backendUrls.middlewareLegacyAuth}user/resources`);
+    return this._http.get<IResource[]>(
+      `${APP_CONFIG.backendUrls.middlewareLegacyAuth}user/resources`,
+      { withCredentials: true },
+    );
   }
 
   getRestrictedAccessDatasets(): Observable<IRestrictedAccessDataset[]> {
@@ -31,6 +34,7 @@ export class UserServicesService {
     return this._http.post<AccessRequestToResourceResponse>(
       `${APP_CONFIG.backendUrls.middlewareLegacyAuth}user/resources/add`,
       resource,
+      { withCredentials: true },
     );
   }
 
@@ -38,6 +42,7 @@ export class UserServicesService {
     return this._http.post<RenewAccessToResourceResponse>(
       `${APP_CONFIG.backendUrls.middlewareLegacyAuth}user/resources/renew`,
       resource,
+      { withCredentials: true },
     );
   }
 
@@ -45,7 +50,7 @@ export class UserServicesService {
     return this._http.request<DeleteAccessToRessourceResponse>(
       'delete', // HTTP verb
       `${APP_CONFIG.backendUrls.middlewareLegacyAuth}user/resources/delete`, // url
-      { body: resource }, // options
+      { body: resource, withCredentials: true }, // options
     );
   }
 }
diff --git a/src/app/user/services/user.service.ts b/src/app/user/services/user.service.ts
index 1c14a4389677783711336c5191ac77b0a4fa7402..07da6c90ce1aac86c4dc5744e68d4b5ea966e975 100644
--- a/src/app/user/services/user.service.ts
+++ b/src/app/user/services/user.service.ts
@@ -49,6 +49,7 @@ export class UserService {
   resetAuth() {
     localStorage.removeItem('userInfo');
     localStorage.removeItem('xsrfToken');
+    document.cookie = 'access_token=; expires=Thu, 01 Jan 1970 00:00:01 GMT;';
     this._user = null;
     this._userStatusChangedSubject.next(false);
   }
@@ -76,7 +77,11 @@ export class UserService {
         },
       ),
       mergeMap(() => {
-        return this._http.post<ILoginResponse>(`${APP_CONFIG.backendUrls.auth}login/legacy`, form);
+        return this._http.post<ILoginResponse>(
+          `${APP_CONFIG.backendUrls.auth}login/legacy`,
+          form,
+          { withCredentials: true },
+        );
       }),
       map(
         (res) => {
@@ -111,11 +116,15 @@ export class UserService {
   }
 
   getUserInfo(): Observable<IUserInfo> {
-    return this._http.get<IUserInfo>(`${APP_CONFIG.backendUrls.auth}user`);
+    return this._http.get<IUserInfo>(`${APP_CONFIG.backendUrls.auth}user`, { withCredentials: true });
   }
 
   updateUserInfo(info: IUserInfo): Observable<{ token: string }> {
-    return this._http.put<{ token: string }>(`${APP_CONFIG.backendUrls.auth}user/update`, info);
+    return this._http.put<{ token: string }>(
+      `${APP_CONFIG.backendUrls.auth}user/update`,
+      info,
+      { withCredentials: true },
+    );
   }
 
   updateUserPassword(passwordUpdateform: PasswordUpdateForm): Observable<void> {
@@ -129,7 +138,11 @@ export class UserService {
         },
       ),
       mergeMap(() => {
-        return this._http.put<void>(`${APP_CONFIG.backendUrls.middlewareLegacyAuth}user/updatePassword`, form);
+        return this._http.put<void>(
+          `${APP_CONFIG.backendUrls.middlewareLegacyAuth}user/updatePassword`,
+          form,
+          { withCredentials: true },
+        );
       }),
     );
   }
@@ -160,13 +173,17 @@ export class UserService {
       ),
       mergeMap(() => {
         // tslint:disable-next-line:max-line-length
-        return this._http.put<void>(`${APP_CONFIG.backendUrls.middlewareLegacyAuth}user/resetPassword`, { token, password: encryptedPassword });
+        return this._http.put<void>(
+          `${APP_CONFIG.backendUrls.middlewareLegacyAuth}user/resetPassword`,
+          { token, password: encryptedPassword },
+          { withCredentials: true },
+        );
       }),
     );
   }
 
   deleteAccount(): Observable<void> {
-    return this._http.delete<any>(`${APP_CONFIG.backendUrls.middlewareLegacyAuth}user`).pipe(
+    return this._http.delete<any>(`${APP_CONFIG.backendUrls.middlewareLegacyAuth}user`, { withCredentials: true }).pipe(
       map(
         (res) => {
           return;