diff --git a/geomagio/api/secure/login.py b/geomagio/api/secure/login.py
index 9da5838a652f781cd00b3055edae73d54bfe2745..b4c8f5cd0890d1ac4e3dfb7ac4506a3d827ebc06 100644
--- a/geomagio/api/secure/login.py
+++ b/geomagio/api/secure/login.py
@@ -175,6 +175,9 @@ async def authorize(request: Request):
 async def login(request: Request):
     """Redirect to OpenID provider."""
     redirect_uri = request.url_for("authorize")
+    if "127.0.0.1" not in redirect_uri:
+        # 127.0.0.1 used for local dev, all others use https
+        redirect_uri = redirect_uri.replace("http://", "https://")
     # save original location
     if "Referer" in request.headers:
         request.session["after_authorize_redirect"] = request.headers["Referer"]