diff --git a/src/main/java/com/moplus/moplus_server/global/security/handler/EmailPasswordSuccessHandler.java b/src/main/java/com/moplus/moplus_server/global/security/handler/EmailPasswordSuccessHandler.java
index 9fe78fc..f5ebad6 100644
--- a/src/main/java/com/moplus/moplus_server/global/security/handler/EmailPasswordSuccessHandler.java
+++ b/src/main/java/com/moplus/moplus_server/global/security/handler/EmailPasswordSuccessHandler.java
@@ -1,10 +1,13 @@
 package com.moplus.moplus_server.global.security.handler;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.moplus.moplus_server.domain.member.domain.Member;
-import com.moplus.moplus_server.global.security.AuthConstants;
 import com.moplus.moplus_server.global.security.utils.JwtUtil;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
@@ -15,15 +18,23 @@
 public class EmailPasswordSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
 
     private final JwtUtil jwtUtil;
+    private final ObjectMapper objectMapper = new ObjectMapper(); // JSON 변환을 위한 ObjectMapper
 
     @Override
     public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response,
-                                        final Authentication authentication) {
+                                        final Authentication authentication) throws IOException {
         Member member = (Member) authentication.getPrincipal();
         String accessToken = jwtUtil.generateAccessToken(member);
         String refreshToken = jwtUtil.generateRefreshToken(member);
-        response.addHeader(AuthConstants.AUTH_HEADER, AuthConstants.TOKEN_TYPE + " " + accessToken);
-        response.addHeader(AuthConstants.REFRESH_TOKEN_HEADER, AuthConstants.TOKEN_TYPE + " " + refreshToken);
+
+        // JSON 응답 생성
+        Map<String, String> tokenResponse = new HashMap<>();
+        tokenResponse.put("accessToken", accessToken);
+        tokenResponse.put("refreshToken", refreshToken);
+
+        response.setContentType("application/json");
+        response.setCharacterEncoding("UTF-8");
+        response.getWriter().write(objectMapper.writeValueAsString(tokenResponse));
     }
 
 }
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 3e3b140..6e09489 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -17,6 +17,8 @@ cors-allowed-origins:
   http://dev.mopl.kr,
   https://prod.mopl.kr,
   http://prod.mopl.kr,
+  
   http://localhost:3000,
+  http://localhost:5173,
   https://www.mopl.kr,
   http://www.mopl.kr
\ No newline at end of file
diff --git a/src/test/java/com/moplus/moplus_server/domain/auth/controller/AuthControllerTest.java b/src/test/java/com/moplus/moplus_server/domain/auth/controller/AuthControllerTest.java
index 95ee4e7..4d87cb3 100644
--- a/src/test/java/com/moplus/moplus_server/domain/auth/controller/AuthControllerTest.java
+++ b/src/test/java/com/moplus/moplus_server/domain/auth/controller/AuthControllerTest.java
@@ -1,7 +1,7 @@
 package com.moplus.moplus_server.domain.auth.controller;
 
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
@@ -56,12 +56,12 @@ class 어드민_로그인 {
             mockMvc.perform(MockMvcRequestBuilders.post("/api/v1/auth/admin/login")
                             .contentType("application/json")
                             .content(requestBody))
-                    .andExpect(status().isOk()) // 200 응답 확인
-                    .andExpect(header().exists("Authorization"))
-                    .andExpect(header().exists("RefreshToken"));
-
+                    .andExpect(status().isOk()) // HTTP 200 응답 확인
+                    .andExpect(jsonPath("$.accessToken").isNotEmpty()) // accessToken 필드 존재 여부 확인
+                    .andExpect(jsonPath("$.refreshToken").isNotEmpty()); // refreshToken 필드 존재 여부 확인
         }
 
+
         @Test
         void 잘못된_요청_본문() throws Exception {