diff --git a/app/core/src/main/resources/static/js/fetch-utils.js b/app/core/src/main/resources/static/js/fetch-utils.js
index 3d202e47b..5946dc100 100644
--- a/app/core/src/main/resources/static/js/fetch-utils.js
+++ b/app/core/src/main/resources/static/js/fetch-utils.js
@@ -56,7 +56,7 @@ window.JWTManager = {
 sessionStorage.removeItem(this.JWT_STORAGE_KEY);
 
 // Clear JWT cookie manually (fallback)
- document.cookie = 'STIRLING_JWT=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; SameSite=None; Secure';
+ document.cookie = 'stirling_jwt=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; SameSite=None; Secure';
 
 // Perform logout request to clear server-side session
 fetch('/logout', {
diff --git a/app/core/src/main/resources/static/js/jwt-init.js b/app/core/src/main/resources/static/js/jwt-init.js
index 72741013b..4a8218c47 100644
--- a/app/core/src/main/resources/static/js/jwt-init.js
+++ b/app/core/src/main/resources/static/js/jwt-init.js
@@ -20,13 +20,13 @@ function extractTokenFromCookie() {
 
 const cookieValue = document.cookie
 .split('; ')
- .find(row => row.startsWith('STIRLING_JWT='))
+ .find(row => row.startsWith('stirling_jwt='))
 ?.split('=')[1];
 
 if (cookieValue) {
 window.JWTManager.storeToken(cookieValue);
 
 // Clear the cookie since we're using localStorage with consistent SameSite policy
- document.cookie = 'STIRLING_JWT=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; SameSite=None; Secure';
+ document.cookie = 'stirling_jwt=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; SameSite=None; Secure';
 }
 }
diff --git a/app/proprietary/src/test/java/stirling/software/proprietary/security/service/JwtServiceTest.java b/app/proprietary/src/test/java/stirling/software/proprietary/security/service/JwtServiceTest.java
index 6f419e280..d108d7db9 100644
--- a/app/proprietary/src/test/java/stirling/software/proprietary/security/service/JwtServiceTest.java
+++ b/app/proprietary/src/test/java/stirling/software/proprietary/security/service/JwtServiceTest.java
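Review bot: The `document.cookie` deletion on the new line only has an effect if the server issues `stirling_jwt` without `HttpOnly`, yet JwtServiceTest in this same commit verifies that the Set-Cookie header contains `HttpOnly`; if that is the real cookie, this fallback and the cookie read in jwt-init.js are no-ops and the comment `// Clear JWT cookie manually (fallback)` is misleading. The cookie name is now a hand-copied literal in three files (here, jwt-init.js and `JwtService.JWT_COOKIE_NAME`), which is exactly how the case mismatch this commit fixes can arise; a single `JWT_COOKIE_NAME` property on `window.JWTManager` next to the existing `JWT_STORAGE_KEY`, referenced from both scripts, would keep them aligned. Browsers that still hold the legacy `STIRLING_JWT` cookie are not cleared by this logout path; expiring both names during the transition would avoid a still-valid token lingering in the browser. The enclosing logout method starts and ends outside the hunk.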
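Review bot: `?.split('=')[1]` on the matched row truncates the value at any `=` that follows the cookie name, so a value containing `=` (a padded base64 encoding, for instance) would be stored as a partial token and fail validation later; `?.slice('stirling_jwt='.length)` returns the full value. The hunk also copies the token out of a cookie into web storage (`window.JWTManager.storeToken`) and then expires the cookie, which makes the token readable by any script on the origin; if the cookie is meant to be the HttpOnly carrier (as JwtServiceTest asserts), that trade-off deserves a comment here, e.g. `// Token is deliberately moved to web storage so fetch() can attach it as a Bearer header; it is no longer protected by HttpOnly.` The function extractTokenFromCookie appears to be fully contained in the hunk.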
@@ -67,7 +67,7 @@ class JwtServiceTest {
 
 String token = jwtService.generateToken(authentication, Collections.emptyMap());
 assertNotNull(token);
- assertTrue(!token.isEmpty());
+ assertFalse(token.isEmpty());
 assertEquals(username, jwtService.extractUsername(token));
 }
 
@@ -106,25 +106,6 @@ class JwtServiceTest {
 });
 }
 
- // fixme
-// @Test
-// void testValidateTokenWithExpiredToken() {
-// // Create a token that expires immediately
-// JWTService shortLivedJwtService = new JWTService(true);
-// String token = shortLivedJwtService.generateToken("testuser", new HashMap<>());
-//
-// // Wait a bit to ensure expiration
-// try {
-// Thread.sleep(10);
-// } catch (InterruptedException e) {
-// Thread.currentThread().interrupt();
-// }
-//
-// assertThrows(AuthenticationFailureException.class, () -> {
-// shortLivedJwtService.validateToken(token);
-// });
-// }
-
 @Test
 void testValidateTokenWithMalformedToken() {
 AuthenticationFailureException exception = assertThrows(AuthenticationFailureException.class, () -> {
@@ -184,24 +165,6 @@ class JwtServiceTest {
 assertThrows(AuthenticationFailureException.class, () -> jwtService.extractAllClaims("invalid-token"));
 }
 
- // fixme
-// @Test
-// void testIsTokenExpired() {
-// String token = jwtService.generateToken("testuser", new HashMap<>());
-// assertFalse(jwtService.isTokenExpired(token));
-//
-// JWTService shortLivedJwtService = new JWTService();
-// String expiredToken = shortLivedJwtService.generateToken("testuser", new HashMap<>());
-//
-// try {
-// Thread.sleep(10);
-// } catch (InterruptedException e) {
-// Thread.currentThread().interrupt();
-// }
-//
-// assertThrows(AuthenticationFailureException.class, () -> shortLivedJwtService.isTokenExpired(expiredToken));
-// }
-
 @Test
 void testExtractTokenFromRequestWithAuthorizationHeader() {
 String token = "test-token";
@@ -213,7 +176,7 @@ class JwtServiceTest {
 @Test
 void testExtractTokenFromRequestWithCookie() {
 String token = "test-token";
- Cookie[] cookies = { new Cookie("STIRLING_JWT", token) };
+ Cookie[] cookies = { new Cookie("stirling_jwt", token) };
 
 when(request.getHeader("Authorization")).thenReturn(null);
 when(request.getCookies()).thenReturn(cookies);
@@ -252,18 +215,17 @@ class JwtServiceTest {
 jwtService.addTokenToResponse(response, token);
 
 verify(response).setHeader("Authorization", "Bearer " + token);
- verify(response).addHeader(eq("Set-Cookie"), contains("STIRLING_JWT=" + token));
+ verify(response).addHeader(eq("Set-Cookie"), contains("stirling_jwt=" + token));
 verify(response).addHeader(eq("Set-Cookie"), contains("HttpOnly"));
 verify(response).addHeader(eq("Set-Cookie"), contains("Secure"));
-// verify(response).addHeader(eq("Set-Cookie"), contains("SameSite=Strict"));
 }
 
 @Test
 void testClearTokenFromResponse() {
 jwtService.clearTokenFromResponse(response);
 
- verify(response).setHeader("Authorization", "");
- verify(response).addHeader(eq("Set-Cookie"), contains("STIRLING_JWT="));
+ verify(response).setHeader("Authorization", null);
+ verify(response).addHeader(eq("Set-Cookie"), contains("stirling_jwt="));
 verify(response).addHeader(eq("Set-Cookie"), contains("Max-Age=0"));
 }
 }
diff --git a/proprietary/src/main/java/stirling/software/proprietary/security/service/JwtService.java b/proprietary/src/main/java/stirling/software/proprietary/security/service/JwtService.java
index 5b1bb8ec2..2ae2197b8 100644
--- a/proprietary/src/main/java/stirling/software/proprietary/security/service/JwtService.java
+++ b/proprietary/src/main/java/stirling/software/proprietary/security/service/JwtService.java
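Review bot: With the commented `SameSite=Strict` verification deleted, the addTokenToResponse test no longer pins any SameSite attribute, while the browser code in this same commit hard-codes `SameSite=None; Secure` when expiring the same cookie; whichever policy JwtService actually emits (not visible in this hunk), assert it, e.g. `verify(response).addHeader(eq("Set-Cookie"), contains("SameSite="));`, so the attribute cannot silently drop off the cookie. In testClearTokenFromResponse the `contains("stirling_jwt=")` and `contains("Max-Age=0")` matchers are verified as separate invocations, so they can each be satisfied by a different Set-Cookie header and do not prove that the clearing header carries both; an `argThat` over the header string checking both substrings would. The same separate-invocation weakness applies to the HttpOnly and Secure checks in the test above it.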
@@ -34,7 +34,7 @@ import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticatedPrin
 
 @Service
 public class JwtService implements JwtServiceInterface {
- private static final String JWT_COOKIE_NAME = "STIRLING_JWT";
+ private static final String JWT_COOKIE_NAME = "stirling_jwt";
 private static final String AUTHORIZATION_HEADER = "Authorization";
 private static final String BEARER_PREFIX = "Bearer ";
 private static final String ISSUER = "Stirling PDF";
@@ -80,7 +80,6 @@ public class JwtService implements JwtServiceInterface {
 public void validateToken(String token) throws AuthenticationFailureException {
 extractAllClaimsFromToken(token);
 
- // todo: test
 if (isTokenExpired(token)) {
 throw new AuthenticationFailureException("The token has expired");
 }
@@ -174,7 +173,6 @@ public class JwtService implements JwtServiceInterface {
 
 @Override
 public void clearTokenFromResponse(HttpServletResponse response) {
- // Remove Authorization header instead of setting empty string
 response.setHeader(AUTHORIZATION_HEADER, null);
 ResponseCookie cookie =
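Review bot: The `// todo: test` marker is dropped from validateToken but the expiry branch it referred to is still untested: the two disabled tests that covered it (testValidateTokenWithExpiredToken and testIsTokenExpired, removed in the -106 and -184 hunks of JwtServiceTest) are deleted in this commit rather than repaired. Rejecting expired tokens is the check that bounds how long a disclosed token remains accepted, so a test that generates a token with a past expiry (or a controllable clock) and asserts `AuthenticationFailureException` should replace the marker instead of removing it. If `extractAllClaimsFromToken` already rejects expired tokens, such a test would also show whether the `isTokenExpired` branch is reachable at all, which is not visible from this hunk. The clearTokenFromResponse hunk below is cut off before the cookie is built, so the attributes it sets could not be reviewed here.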