diff --git a/src/lib/server/api/common/openapi/create-cookie-schema.ts b/src/lib/server/api/common/openapi/create-cookie-schema.ts
new file mode 100644
index 0000000..730110e
--- /dev/null
+++ b/src/lib/server/api/common/openapi/create-cookie-schema.ts
@@ -0,0 +1,15 @@
+import { authCookieSchema } from '$lib/server/api/common/openapi/schemas';
+import { z } from '@hono/zod-openapi';
+
+export type ZodSchema = z.ZodUnion<never> | z.AnyZodObject | z.ZodArray<z.AnyZodObject>;
+type ZodString = z.ZodString;
+
+export function createAuthCookieSchema() {
+	return createCookieSchema(authCookieSchema);
+}
+
+export function createCookieSchema<T extends ZodSchema>(schema: ZodString) {
+	return z.object({
+		cookie: schema,
+	});
+}
diff --git a/src/lib/server/api/common/openapi/schemas.ts b/src/lib/server/api/common/openapi/schemas.ts
new file mode 100644
index 0000000..8a84107
--- /dev/null
+++ b/src/lib/server/api/common/openapi/schemas.ts
@@ -0,0 +1,3 @@
+import { z } from '@hono/zod-openapi';
+
+export const authCookieSchema = z.string().regex(/^session=\w+$/);
diff --git a/src/lib/server/api/controllers/iam.routes.ts b/src/lib/server/api/controllers/iam.routes.ts
index bee1b65..601a55e 100644
--- a/src/lib/server/api/controllers/iam.routes.ts
+++ b/src/lib/server/api/controllers/iam.routes.ts
@@ -1,7 +1,9 @@
 import { StatusCodes } from '$lib/constants/status-codes';
 import { unauthorizedSchema } from '$lib/server/api/common/exceptions';
+import { createAuthCookieSchema } from '$lib/server/api/common/openapi/create-cookie-schema';
 import { selectUserSchema } from '$lib/server/api/databases/tables/users.table';
 import { updateProfileDto } from '$lib/server/api/dtos/update-profile.dto';
+import { z } from '@hono/zod-openapi';
 import { defineOpenApiOperation } from 'hono-zod-openapi';
 import { createErrorSchema } from 'stoker/openapi/schemas';
 
@@ -27,6 +29,10 @@ export const updateProfile = defineOpenApiOperation({
 	tags,
 	request: {
 		json: updateProfileDto,
+		cookies: createAuthCookieSchema(),
+		headers: z.object({
+			authorization: z.string(),
+		}),
 	},
 	responses: {
 		[StatusCodes.OK]: {
diff --git a/src/lib/server/api/index.ts b/src/lib/server/api/index.ts
index a143232..518b278 100644
--- a/src/lib/server/api/index.ts
+++ b/src/lib/server/api/index.ts
@@ -34,7 +34,7 @@ const routes = app
 	.route('/mfa', container.resolve(MfaController).routes())
 	.get('/', (c) => c.json({ message: 'Server is healthy' }));
 
-// @ts-ignore - this is a workaround for https://github.com/paolostyle/hono-zod-openapi/issues/2
+// @ts-expect-error - this is a workaround for https://github.com/paolostyle/hono-zod-openapi/issues/2
 configureOpenAPI(app);
 
 /* -------------------------------------------------------------------------- */