diff --git a/proxy/auth/common.go b/proxy/auth/common.go
index b03c226e7..0d41db804 100644
--- a/proxy/auth/common.go
+++ b/proxy/auth/common.go
@@ -129,9 +129,9 @@ func loginRedirect(client *osincli.Client, state string, codeChallenge string) s
 	query.Set("code_challenge_method", "S256")
 
 	// Force that when a new auth flow starts, the user is prompted to select
-	// their account and enter credentials, even if they're already logged in
+	// their account, even if they're already logged in
 	// Does not work for all providers (eg. OpenShift)
-	query.Set("prompt", "login select_account")
+	query.Set("prompt", "select_account")
 
 	parsedURL.RawQuery = query.Encode()
 
@@ -318,8 +318,6 @@ func clearSessionCookie(w http.ResponseWriter, r *http.Request) {
 		SameSite: http.SameSiteLaxMode,
 	}
 	http.SetCookie(w, &cookie)
-
-	w.Header().Set("Clear-Site-Data", `"cookies"`)
 }
 
 // validateAndExtractProviderFromState validates the state parameter and extracts the provider name