diff --git a/app/stores/AuthStore.js b/app/stores/AuthStore.js
index df7937ba..8deb015b 100644
--- a/app/stores/AuthStore.js
+++ b/app/stores/AuthStore.js
@@ -1,7 +1,7 @@
 // @flow
 import { observable, action, computed, autorun, runInAction } from 'mobx';
 import invariant from 'invariant';
-import Cookie from 'js-cookie';
+import { getCookie, setCookie, removeCookie } from 'tiny-cookie';
 import { client } from 'utils/ApiClient';
 import { stripSubdomain } from 'shared/utils/domains';
 import RootStore from 'stores/RootStore';
@@ -31,7 +31,7 @@ export default class AuthStore {
 this.rootStore = rootStore;
 this.user = data.user;
 this.team = data.team;
- this.token = Cookie.get('accessToken');
+ this.token = getCookie('accessToken');
 if (this.token) setImmediate(() => this.fetch());
@@ -138,15 +138,15 @@ export default class AuthStore {
 this.token = null;
 // remove authentication token itself
- Cookie.remove('accessToken', { path: '/' });
+ removeCookie('accessToken', { path: '/' });
 // remove session record on apex cookie
 const team = this.team;
 if (team) {
- const sessions = Cookie.getJSON('sessions') || {};
+ const sessions = JSON.parse(getCookie('sessions') || '{}');
 delete sessions[team.id];
- Cookie.set('sessions', JSON.stringify(sessions), {
+ setCookie('sessions', JSON.stringify(sessions), {
 domain: stripSubdomain(window.location.hostname),
 });
 this.team = null;
diff --git a/package.json b/package.json
index 3c3fa45b..40146bbe 100644
--- a/package.json
+++ b/package.json
@@ -105,7 +105,6 @@
 "imports-loader": "0.6.5",
 "invariant": "^2.2.2",
 "isomorphic-fetch": "2.2.1",
- "js-cookie": "^2.2.0",
 "js-search": "^1.4.2",
 "json-loader": "0.5.4",
 "jsonwebtoken": "7.0.1",
@@ -163,6 +162,7 @@
 "styled-components-breakpoint": "^2.1.1",
 "styled-components-grid": "^2.2.1",
 "styled-normalize": "^8.0.4",
+ "tiny-cookie": "^2.3.1",
 "tmp": "0.0.33",
 "uglifyjs-webpack-plugin": "1.2.5",
 "url-loader": "^0.6.2",
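Review bot: The new `JSON.parse(getCookie('sessions') || '{}')` in the last AuthStore.js hunk (`@@ -138,15 +138,15 @@`) is unguarded, so a `sessions` cookie that is not valid JSON throws part-way through logout, after `this.token` is cleared but before `this.team = null` runs. The cookie is scoped to the apex domain and the server sets it with `httpOnly: false`, so its content should be treated as untrusted input; js-cookie's `getJSON` appears to have tolerated unparsable values, which would make this a behaviour change. The same unguarded parse is added in server/middlewares/authentication.js, where `decodeURIComponent` can also throw on a malformed escape, while renderpage.js already wraps it in `try`/`catch`. The enclosing method starts and ends outside the hunk.

```javascript
// … unchanged: token reset and removeCookie('accessToken', …) …
if (team) {
  let sessions = {};
  try {
    sessions = JSON.parse(getCookie('sessions') || '{}') || {};
  } catch (err) {
    // unreadable cookie: fall through and rewrite it as an empty map
  }
  delete sessions[team.id];
  // … unchanged: setCookie('sessions', …) and this.team = null …
```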
diff --git a/server/middlewares/authentication.js b/server/middlewares/authentication.js
index ee3970e5..efeb5035 100644
--- a/server/middlewares/authentication.js
+++ b/server/middlewares/authentication.js
@@ -115,15 +115,19 @@ export default function auth(options?: { required?: boolean } = {}) {
 // to the teams subdomain if subdomains are enabled
 if (process.env.SUBDOMAINS_ENABLED === 'true' && team.subdomain) {
 // get any existing sessions (teams signed in) and add this team
- const existing = JSON.parse(ctx.cookies.get('sessions') || '{}');
- const sessions = JSON.stringify({
- ...existing,
- [team.id]: {
- name: encodeURIComponent(team.name),
- logoUrl: team.logoUrl,
- url: encodeURIComponent(team.url),
- },
- });
+ const existing = JSON.parse(
+ decodeURIComponent(ctx.cookies.get('sessions') || '') || '{}'
+ );
+ const sessions = encodeURIComponent(
+ JSON.stringify({
+ ...existing,
+ [team.id]: {
+ name: team.name,
+ logoUrl: team.logoUrl,
+ url: team.url,
+ },
+ })
+ );
 ctx.cookies.set('sessions', sessions, {
 httpOnly: false,
 expires,
diff --git a/server/utils/renderpage.js b/server/utils/renderpage.js
index 5801c75c..f4007dd3 100644
--- a/server/utils/renderpage.js
+++ b/server/utils/renderpage.js
@@ -15,7 +15,9 @@ const sheet = new ServerStyleSheet();
 export default function renderpage(ctx: Object, children: React.Node) {
 let sessions = {};
 try {
- sessions = JSON.parse(
+ sessions = JSON.parse(ctx.cookies.get('sessions') || '{}');
+ sessions = JSON.parse(
+ decodeURIComponent(ctx.cookies.get('sessions') || '') || '{}'
+ );
 } catch (err) {
 console.error(`Sessions cookie could not be parsed: ${err}`);
 }
diff --git a/yarn.lock b/yarn.lock
index 21ca9645..004f27b8 100644
--- a/yarn.lock
+++ b/yarn.lock
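Review bot: In the server/middlewares/authentication.js hunk, `existing` comes from a client-writable cookie (`httpOnly: false`) and is spread into the new value with no check that it parsed to a plain object, and cookies written before this change use a different encoding. The removed code stored raw JSON with `encodeURIComponent` applied only to `name` and `url`, so running `decodeURIComponent` over a whole legacy value also decodes those fields; a legacy team name containing an encoded quote (`%22`) would then stop being valid JSON, and a `logoUrl` containing a literal `%` may be altered or rejected. Consider treating any value that fails to decode or parse, or that is not a plain object, as `{}` before the spread, so that a stale or tampered cookie cannot make this request throw. Whatever later renders `name`, `url` and `logoUrl` from this cookie should keep treating them as untrusted, since they are no longer individually encoded. The `auth` middleware body continues outside the hunk.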
@@ -5468,10 +5468,6 @@ js-beautify@^1.6.11: mkdirp "~0.5.0" nopt "~3.0.1" -js-cookie@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/js-cookie/-/js-cookie-2.2.0.tgz#1b2c279a6eece380a12168b92485265b35b1effb" - js-search@^1.4.2: version "1.4.2" resolved "https://registry.yarnpkg.com/js-search/-/js-search-1.4.2.tgz#59a91e117d6badb20bf0d7643ba7577d5a81d7e2" @@ -9637,6 +9633,10 @@ timers-ext@0.1, timers-ext@^0.1.2: es5-ext "~0.10.14" next-tick "1" +tiny-cookie@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/tiny-cookie/-/tiny-cookie-2.3.1.tgz#f0ea9fa194f2aed631dcd5e69ac0d6587be928c8" + tiny-emitter@^2.0.0: version "2.0.2" resolved "https://registry.yarnpkg.com/tiny-emitter/-/tiny-emitter-2.0.2.tgz#82d27468aca5ade8e5fd1e6d22b57dd43ebdfb7c"