diff --git a/src/main/java/com/ceos/bankids/controller/UserController.java b/src/main/java/com/ceos/bankids/controller/UserController.java
index 03b2272c..03061334 100644
--- a/src/main/java/com/ceos/bankids/controller/UserController.java
+++ b/src/main/java/com/ceos/bankids/controller/UserController.java
@@ -3,6 +3,7 @@
 import com.ceos.bankids.config.CommonResponse;
 import com.ceos.bankids.controller.request.ExpoRequest;
 import com.ceos.bankids.controller.request.FamilyRequest;
+import com.ceos.bankids.controller.request.TokenRequest;
 import com.ceos.bankids.controller.request.UserTypeRequest;
 import com.ceos.bankids.controller.request.WithdrawalRequest;
 import com.ceos.bankids.domain.User;
@@ -29,7 +30,6 @@
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PatchMapping;
@@ -68,14 +68,14 @@ public CommonResponse<UserDTO> patchUserType(@AuthenticationPrincipal User authU
     @ApiOperation(value = "토큰 리프레시")
     @PatchMapping(value = "/refresh", produces = "application/json; charset=utf-8")
     @ResponseBody
-    public CommonResponse<LoginDTO> refreshUserToken(
-        @CookieValue("refreshToken") String refreshToken, HttpServletResponse response) {
+    public CommonResponse<LoginDTO> refreshUserToken(@Valid @RequestBody TokenRequest tokenRequest,
+        HttpServletResponse response) {
 
         log.info("api = 토큰 리프레시");
-        User user = userService.getUserByRefreshToken(refreshToken);
+        User user = userService.getUserByRefreshToken(tokenRequest.getAccessToken());
         LoginDTO loginDTO = userService.issueNewTokens(user, user.getProvider());
 
-        userService.setNewCookie(user, response);
+//        userService.setNewCookie(user, response);
         return CommonResponse.onSuccess(loginDTO);
     }
 
@@ -148,7 +148,7 @@ public CommonResponse<UserDTO> patchExpoToken(@AuthenticationPrincipal User auth
         log.info("api = 유저 엑스포 토큰 등록, user = {}", authUser.getUsername());
         User user = userService.updateUserExpoToken(authUser, expoRequest);
 
-        userService.setNewCookie(user, response);
+//        userService.setNewCookie(user, response);
         return CommonResponse.onSuccess(null);
     }
 
diff --git a/src/main/java/com/ceos/bankids/controller/request/TokenRequest.java b/src/main/java/com/ceos/bankids/controller/request/TokenRequest.java
new file mode 100644
index 00000000..53b57ba1
--- /dev/null
+++ b/src/main/java/com/ceos/bankids/controller/request/TokenRequest.java
@@ -0,0 +1,25 @@
+package com.ceos.bankids.controller.request;
+
+import io.swagger.annotations.ApiModelProperty;
+import javax.validation.constraints.NotNull;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+@Getter
+@Setter
+@EqualsAndHashCode
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+@ToString
+public class TokenRequest {
+
+    @ApiModelProperty(example = "asdfasdfasdf")
+    @NotNull(message = "accessToken may not be null")
+    private String accessToken;
+}
diff --git a/src/main/java/com/ceos/bankids/service/UserService.java b/src/main/java/com/ceos/bankids/service/UserService.java
index 72e6de37..f89b257d 100644
--- a/src/main/java/com/ceos/bankids/service/UserService.java
+++ b/src/main/java/com/ceos/bankids/service/UserService.java
@@ -9,7 +9,6 @@
 import com.ceos.bankids.dto.OptInDTO;
 import com.ceos.bankids.dto.UserDTO;
 import com.ceos.bankids.dto.oauth.KakaoUserDTO;
-import javax.servlet.http.HttpServletResponse;
 import org.springframework.stereotype.Service;
 
 @Service
@@ -24,7 +23,7 @@ public LoginDTO loginWithAppleAuthenticationCode(String authenticationCode,
 
     public LoginDTO issueNewTokens(User user, String provider);
 
-    public void setNewCookie(User user, HttpServletResponse response);
+//    public void setNewCookie(User user, HttpServletResponse response);
 
     public MyPageDTO getUserInformation(User user);
 
diff --git a/src/main/java/com/ceos/bankids/service/UserServiceImpl.java b/src/main/java/com/ceos/bankids/service/UserServiceImpl.java
index 27c4c550..5f72456e 100644
--- a/src/main/java/com/ceos/bankids/service/UserServiceImpl.java
+++ b/src/main/java/com/ceos/bankids/service/UserServiceImpl.java
@@ -24,7 +24,6 @@
 import java.util.Calendar;
 import java.util.Optional;
 import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@@ -163,17 +162,17 @@ public LoginDTO issueNewTokens(User user, String provider) {
         return loginDTO;
     }
 
-    @Override
-    @Transactional
-    public void setNewCookie(User user, HttpServletResponse response) {
-        Cookie cookie = new Cookie("refreshToken", user.getRefreshToken());
-        cookie.setMaxAge(14 * 24 * 60 * 60);
-        cookie.setSecure(true);
-        cookie.setHttpOnly(true);
-        cookie.setPath("/");
-
-        response.addCookie(cookie);
-    }
+//    @Override
+//    @Transactional
+//    public void setNewCookie(User user, HttpServletResponse response) {
+//        Cookie cookie = new Cookie("refreshToken", user.getRefreshToken());
+//        cookie.setMaxAge(14 * 24 * 60 * 60);
+//        cookie.setSecure(true);
+//        cookie.setHttpOnly(true);
+//        cookie.setPath("/");
+//
+//        response.addCookie(cookie);
+//    }
 
     @Override
     @Transactional
diff --git a/src/test/java/com/ceos/bankids/unit/controller/UserControllerTest.java b/src/test/java/com/ceos/bankids/unit/controller/UserControllerTest.java
index 3e401f0f..e3b8f89c 100644
--- a/src/test/java/com/ceos/bankids/unit/controller/UserControllerTest.java
+++ b/src/test/java/com/ceos/bankids/unit/controller/UserControllerTest.java
@@ -5,6 +5,7 @@
 import com.ceos.bankids.controller.UserController;
 import com.ceos.bankids.controller.request.ExpoRequest;
 import com.ceos.bankids.controller.request.FamilyRequest;
+import com.ceos.bankids.controller.request.TokenRequest;
 import com.ceos.bankids.controller.request.UserTypeRequest;
 import com.ceos.bankids.controller.request.WithdrawalRequest;
 import com.ceos.bankids.domain.Family;
@@ -571,7 +572,7 @@ public void testIfParentTokenRefreshSucceedThenReturnResult() {
             slackService,
             notificationService
         );
-        CommonResponse result = userController.refreshUserToken("rT", response);
+        CommonResponse result = userController.refreshUserToken(new TokenRequest("rT"), response);
 
         // then
         LoginDTO loginDTO = new LoginDTO(false, "aT", user.getProvider());
@@ -638,7 +639,7 @@ public void testIfKidTokenRefreshSucceedThenReturnResult() {
             notificationService
         );
 
-        CommonResponse result = userController.refreshUserToken("rT", response);
+        CommonResponse result = userController.refreshUserToken(new TokenRequest("rT"), response);
 
         // then
         LoginDTO loginDTO = new LoginDTO(true, "aT", 1L, user.getProvider());
@@ -701,7 +702,7 @@ public void testIfUserTokenRefreshSucceedThenReturnResult() {
             notificationService
         );
 
-        CommonResponse result = userController.refreshUserToken("rT", response);
+        CommonResponse result = userController.refreshUserToken(new TokenRequest("rT"), response);
 
         // then
         LoginDTO loginDTO = new LoginDTO(null, "aT", user.getProvider());