diff --git a/package.json b/package.json
index cf81bc27c..e85611e3e 100644
--- a/package.json
+++ b/package.json
@@ -47,6 +47,7 @@
 "diff": "^8.0.2",
 "markdown-it": "^14.1.0",
 "markdown-it-video": "^0.6.3",
+ "ngx-cookie-service": "^19.1.2",
 "ngx-markdown-editor": "^5.3.4",
 "primeflex": "^4.0.0",
 "primeicons": "^7.0.0",
diff --git a/src/app/core/interceptors/auth.interceptor.ts b/src/app/core/interceptors/auth.interceptor.ts
index 2ab65c746..dd4ba3ad2 100644
--- a/src/app/core/interceptors/auth.interceptor.ts
+++ b/src/app/core/interceptors/auth.interceptor.ts
@@ -1,6 +1,9 @@
+import { CookieService } from 'ngx-cookie-service';
+
 import { Observable } from 'rxjs';
 import { HttpEvent, HttpHandlerFn, HttpInterceptorFn, HttpRequest } from '@angular/common/http';
+import { inject } from '@angular/core';
 import { environment } from 'src/environments/environment';
@@ -8,26 +11,40 @@ export const authInterceptor: HttpInterceptorFn = (
 req: HttpRequest,
 next: HttpHandlerFn
 ): Observable> => {
+ const cookieService = inject(CookieService);
+
 // TODO: remove this after the migration to the new auth approach is complete
 const authToken = 'UlO9O9GNKgVzJD7pUeY53jiQTKJ4U2znXVWNvh0KZQruoENuILx0IIYf9LoDz7Duq72EIm';
 // UlO9O9GNKgVzJD7pUeY53jiQTKJ4U2znXVWNvh0KZQruoENuILx0IIYf9LoDz7Duq72EIm kyrylo
 // 2rjFZwmdDG4rtKj7hGkEMO6XyHBM2lN7XBbsA1e8OqcFhOWu6Z7fQZiheu9RXtzSeVrgOt roman nastyuk
 // yZ485nN6MfhqvGrfU4Xk5BEnq0T6LM50nQ6H9VrYaMTaZUQNTuxnIwlp0Wpz879RCsK9GQ NM stage3
 const localStorageToken = localStorage.getItem('authToken');
+
 const token = localStorageToken || authToken;
- if (token && !environment.production) {
- if (!req.url.includes('/api.crossref.org/funders')) {
- const authReq = req.clone({
- setHeaders: {
- Authorization: `Bearer ${token}`,
- Accept: req.responseType === 'text' ? '*/*' : 'application/vnd.api+json',
- 'Content-Type': 'application/vnd.api+json',
- },
- });
-
- return next(authReq);
- } else {
- return next(req);
+
+ const csrfToken = cookieService.get('api-csrf');
+
+ if (!req.url.includes('/api.crossref.org/funders')) {
+ const headers: Record = {
+ Accept: req.responseType === 'text' ? '*/*' : 'application/vnd.api+json',
+ 'Content-Type': 'application/vnd.api+json',
+ };
+ if (csrfToken) {
+ headers['X-CSRFToken'] = csrfToken;
 }
+
+ // TODO: remove this after the migration to the new auth approach is complete
+ if (token && !environment.production) {
+ headers['Authorization'] = `Bearer ${token}`;
+ }
+
+ const authReq = req.clone({
+ setHeaders: headers,
+ withCredentials: true,
+ });
+
+ return next(authReq);
+ } else {
+ return next(req);
 }
 return next(req);
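Review bot: The new `withCredentials: true` and `X-CSRFToken` header are attached to every request whose URL is not the crossref funders endpoint, so the token read from the `api-csrf` cookie (and, outside production, the bearer token) is sent to any other host this HttpClient ever talks to, not only the application's own API. Prefer an allow-list on the API origin over a deny-list on one URL, e.g. `if (req.url.startsWith(API_ORIGIN)) {` where `API_ORIGIN` stands for the backend base URL from the environment config (placeholder — the real property name is not visible in this hunk). The fallback `authToken` literal and the token-bearing comments above it stay in the committed source; `!environment.production` is a build-time switch and does not protect a value that lives in the repository, so these belong in local, untracked configuration and the listed values should be treated as exposed and rotated. The trailing `return next(req);` after the if/else is now unreachable, since both branches return, and can be dropped. authInterceptor's signature begins at the hunk header and its closing lies outside the hunk.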