diff --git a/pkg/schemaserver/server/validate.go b/pkg/schemaserver/server/validate.go
index 13d4705..4242266 100644
--- a/pkg/schemaserver/server/validate.go
+++ b/pkg/schemaserver/server/validate.go
@@ -60,7 +60,7 @@ func CheckCSRF(apiOp *types.APIRequest) error {
 			Secure: true,
 		}
 
-		http.SetCookie(apiContext.Response, cookie)
+		http.SetCookie(apiOp.Response, cookie)
 	} else if err != nil {
 		return httperror.NewAPIError(validation.InvalidCSRFToken, "Failed to parse cookies")
 	} else if apiOp.Method != http.MethodGet {