diff --git a/arkindex/project/settings.py b/arkindex/project/settings.py
index 6bc4d7886d6d85e5cbef3597b0e9bd09a981f080..ab68661c5fbb307da4475d5625b3c221ea762671 100644
--- a/arkindex/project/settings.py
+++ b/arkindex/project/settings.py
@@ -387,12 +387,12 @@ def samesite(name, default):
     return value
 
 
-CSRF_COOKIE_NAME = 'arkindex.csrf'
+CSRF_COOKIE_NAME = os.environ.get('CSRF_COOKIE_NAME', 'arkindex.csrf')
 CSRF_TRUSTED_ORIGINS = env2list('CSRF_TRUSTED_ORIGINS')
 CSRF_COOKIE_DOMAIN = os.environ.get('COOKIE_DOMAIN')
 CSRF_COOKIE_SAMESITE = samesite('CSRF', 'lax')
 
-SESSION_COOKIE_NAME = 'arkindex.auth'
+SESSION_COOKIE_NAME = os.environ.get('SESSION_COOKIE_NAME', 'arkindex.auth')
 SESSION_COOKIE_DOMAIN = os.environ.get('COOKIE_DOMAIN')
 SESSION_COOKIE_SAMESITE = samesite('SESSION', 'lax')
 # Required for authentication over websockets