diff --git a/packages/core-service/src/core/auth/auth.controller.ts b/packages/core-service/src/core/auth/auth.controller.ts
index 019bd4f..4566aa9 100644
--- a/packages/core-service/src/core/auth/auth.controller.ts
+++ b/packages/core-service/src/core/auth/auth.controller.ts
@@ -45,7 +45,7 @@ export class AuthController {
 
     // Refresh-Token als HttpOnly Cookie setzen (NICHT im localStorage!)
     // Regel: Kein localStorage fuer Tokens
-    this.setRefreshTokenCookie(res, result.accessToken);
+    this.setRefreshTokenCookie(res, result.refreshToken);
 
     return {
       accessToken: result.accessToken,
diff --git a/packages/core-service/src/core/auth/auth.service.ts b/packages/core-service/src/core/auth/auth.service.ts
index b0cdc51..f12c20f 100644
--- a/packages/core-service/src/core/auth/auth.service.ts
+++ b/packages/core-service/src/core/auth/auth.service.ts
@@ -21,6 +21,7 @@ interface TokenPair {
 
 interface LoginResponse {
   accessToken: string;
+  refreshToken: string;
   user: {
     id: string;
     email: string;
@@ -151,6 +152,7 @@ export class AuthService {
 
     return {
       accessToken: tokens.accessToken,
+      refreshToken: tokens.refreshToken,
       user: {
         id: user.id,
         email: user.email,