diff --git a/src/routes/apiRoutes.js b/src/routes/apiRoutes.js
index 451041a..1559124 100644
--- a/src/routes/apiRoutes.js
+++ b/src/routes/apiRoutes.js
@@ -44,16 +44,18 @@ router.post('/session-npubbed', async (req, res) => {
 
 
 router.post('/invited-npub', async (req, res) => {
-    const sessionUuid = req.cookies.sessionUuid;
+    const inviteUuid = req.cookies.inviteUuid;
     const npub = req.body.npub;
 
     await InvitedNpub.create({
         uuid: uuid.v7(),
-        app_invite_uuid: uuid.v7(), //should read from cookie instead
+        app_invite_uuid: inviteUuid,
         invited_npub: npub,
         created_at: new Date().toISOString()
     });
 
+    return res.json({ message: "Invited npub successfully." })
+
 });
 
 module.exports = router;
diff --git a/src/routes/webRoutes.js b/src/routes/webRoutes.js
index 0e7fd5d..be63cfc 100644
--- a/src/routes/webRoutes.js
+++ b/src/routes/webRoutes.js
@@ -7,11 +7,13 @@ router.get('/', (req, res) => {
     res.render('index', { uuid: req.cookies.sessionUuid });
 });
 
-router.get('/invite/:uuid', async (req, res) => {
-    const { uuid } = req.params;
+router.get('/invite/:inviteUuid', async (req, res) => {
+    const { inviteUuid } = req.params;
+
+    res.cookie('inviteUuid', inviteUuid, { httpOnly: true, maxAge: 86400000 });
 
     try {
-        const invite = await AppInvite.findOne({ where: { uuid } });
+        const invite = await AppInvite.findOne({ where: { uuid: inviteUuid } });
 
         if (!invite) {
             return res.status(404).render('error', { message: 'Invite not found' });