diff --git a/src/Api/Startup.cs b/src/Api/Startup.cs
index 915667a5ed..e9cc54f22c 100644
--- a/src/Api/Startup.cs
+++ b/src/Api/Startup.cs
@@ -280,7 +280,7 @@ namespace Bit.Api
                 AllowedScopes = new string[] { "api" },
                 Authority = env.IsProduction() ? "https://api.bitwarden.com" : env.IsEnvironment("Preview") ?
                     "https://preview-api.bitwarden.com" : "http://localhost:4000",
-                RequireHttpsMetadata = !env.IsDevelopment(),
+                RequireHttpsMetadata = env.IsProduction(),
                 ApiName = "api",
                 NameClaimType = ClaimTypes.Email,
                 // Version "2" until we retire the old jwt scheme and replace it with this one.