diff --git a/common/djangoapps/student/cookies.py b/common/djangoapps/student/cookies.py
index 417dd3f5f6f1066abf8e7f72c7baae0720b1bf68..27719c476be15fdfbf9d5e3565716bf549e887dd 100644
--- a/common/djangoapps/student/cookies.py
+++ b/common/djangoapps/student/cookies.py
@@ -118,6 +118,32 @@ def set_user_info_cookie(response, request):
     )
 
 
+def set_experiments_is_enterprise_cookie(request, response, experiments_is_enterprise):
+    """ Sets the experiments_is_enterprise cookie on the response.
+    This cookie can be used for tests or minor features,
+    but should not be used for payment related or other critical work
+    since users can edit their cookies
+    """
+    cookie_settings = standard_cookie_settings(request)
+    # In production, TLS should be enabled so that this cookie is encrypted
+    # when we send it.  We also need to set "secure" to True so that the browser
+    # will transmit it only over secure connections.
+    #
+    # In non-production environments (acceptance tests, devstack, and sandboxes),
+    # we still want to set this cookie.  However, we do NOT want to set it to "secure"
+    # because the browser won't send it back to us.  This can cause an infinite redirect
+    # loop in the third-party auth flow, which calls `is_logged_in_cookie_set` to determine
+    # whether it needs to set the cookie or continue to the next pipeline stage.
+    cookie_is_secure = request.is_secure()
+
+    response.set_cookie(
+        'experiments_is_enterprise',
+        json.dumps(experiments_is_enterprise),
+        secure=cookie_is_secure,
+        **cookie_settings
+    )
+
+
 def get_user_info_cookie_data(request):
     """ Returns information that wil populate the user info cookie. """
     user = request.user
diff --git a/lms/djangoapps/student_account/views.py b/lms/djangoapps/student_account/views.py
index 9f83f76228a948d7d7e402a0885a8c53eaabd95e..624d0076a81b02f53c47215f8500d7a75a5afa77 100644
--- a/lms/djangoapps/student_account/views.py
+++ b/lms/djangoapps/student_account/views.py
@@ -40,6 +40,7 @@ from openedx.core.djangoapps.user_api.errors import (
 from openedx.core.lib.edx_api_utils import get_edx_api_data
 from openedx.core.lib.time_zone_utils import TIME_ZONE_CHOICES
 from openedx.features.enterprise_support.api import enterprise_customer_for_request, get_enterprise_learner_data
+from student.cookies import set_experiments_is_enterprise_cookie
 from student.helpers import destroy_oauth_tokens, get_next_url_for_login_page
 from student.models import UserProfile
 from student.views import register_user as old_register_view
@@ -162,6 +163,11 @@ def login_and_registration_form(request, initial_mode="login"):
 
     response = render_to_response('student_account/login_and_register.html', context)
 
+    # This cookie can be used for tests or minor features,
+    # but should not be used for payment related or other critical work
+    # since users can edit their cookies
+    set_experiments_is_enterprise_cookie(request, response, context['enable_enterprise_sidebar'])
+
     # Remove enterprise cookie so that subsequent requests show default login page.
     response.delete_cookie(
         configuration_helpers.get_value("ENTERPRISE_CUSTOMER_COOKIE_NAME", settings.ENTERPRISE_CUSTOMER_COOKIE_NAME),