diff --git a/.changelog/14343.txt b/.changelog/14343.txt
new file mode 100644
index 000000000..94e7432b4
--- /dev/null
+++ b/.changelog/14343.txt
@@ -0,0 +1,4 @@
+```release-note:feature
+ui: Use withCredentials for all HTTP API requests
+```
+
diff --git a/ui/packages/consul-ui/app/services/client/http.js b/ui/packages/consul-ui/app/services/client/http.js
index 6d3659c22..9b7736501 100644
--- a/ui/packages/consul-ui/app/services/client/http.js
+++ b/ui/packages/consul-ui/app/services/client/http.js
@@ -210,6 +210,7 @@ export default class HttpService extends Service {
     return this.settings.findBySlug('token').then(token => {
       return fetch(`${path}`, {
         ...params,
+        credentials: 'include',
         headers: {
           'X-Consul-Token': typeof token.SecretID === 'undefined' ? '' : token.SecretID,
           ...params.headers,
diff --git a/ui/packages/consul-ui/app/utils/http/xhr.js b/ui/packages/consul-ui/app/utils/http/xhr.js
index cbdea6411..8ef24a019 100644
--- a/ui/packages/consul-ui/app/utils/http/xhr.js
+++ b/ui/packages/consul-ui/app/utils/http/xhr.js
@@ -27,6 +27,7 @@ export default function(parseHeaders, XHR) {
     };
     Object.entries(headers).forEach(([key, value]) => xhr.setRequestHeader(key, value));
     options.beforeSend(xhr);
+    xhr.withCredentials = true;
     xhr.send(options.body);
     return xhr;
   };