diff --git a/.changeset/grumpy-groups-run.md b/.changeset/grumpy-groups-run.md
new file mode 100644
index 00000000000..b01ddcf14ec
--- /dev/null
+++ b/.changeset/grumpy-groups-run.md
@@ -0,0 +1,5 @@
+---
+'@clerk/backend': patch
+---
+
+Fixes an issue where a handshake would trigger more than intended in development.
diff --git a/integration/tests/handshake.test.ts b/integration/tests/handshake.test.ts
index b6113e4875c..5e766d17cb1 100644
--- a/integration/tests/handshake.test.ts
+++ b/integration/tests/handshake.test.ts
@@ -1437,7 +1437,7 @@ test.describe('Client handshake with an organization activation avoids infinite
 // Critical cookie: __clerk_redirect_count
 headers.set(
 'Cookie',
- `${devBrowserCookie} __client_uat=${claims.iat}; __session=${token}; __clerk_redirect_count=1`,
+ `${devBrowserCookie} __client_uat=${claims.iat}; __session=${token}; __clerk_redirect_count=3`,
 );
 
 const res = await fetch(thisApp.serverUrl + '/organizations-by-id/org_a', {
diff --git a/packages/backend/src/tokens/handshake.ts b/packages/backend/src/tokens/handshake.ts
index 18ba6dc6080..49de367d171 100644
--- a/packages/backend/src/tokens/handshake.ts
+++ b/packages/backend/src/tokens/handshake.ts
@@ -222,6 +222,7 @@ export class HandshakeService {
 const newUrl = new URL(this.authenticateContext.clerkUrl);
 newUrl.searchParams.delete(constants.QueryParameters.Handshake);
 newUrl.searchParams.delete(constants.QueryParameters.HandshakeHelp);
+ newUrl.searchParams.delete(constants.QueryParameters.DevBrowser);
 headers.append(constants.Headers.Location, newUrl.toString());
 headers.set(constants.Headers.CacheControl, 'no-store');
 }
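Review bot: The updated test only pins the bail-out value `__clerk_redirect_count=3`; nothing in this hunk checks that a counter of 1 or 2 still results in a redirect, which is exactly the behavior the threshold change in request.ts introduces, so a regression back to `> 0` would not be caught by the redirect case. Consider a sibling case that sends `__clerk_redirect_count=2` and asserts the handshake redirect is still issued rather than the bail-out response. The literal `3` here must also stay in step with the `>= 3` comparison in request.ts; referencing a shared exported constant from both places would prevent drift. The enclosing test callback starts before this hunk and continues past it.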
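Review bot: The added `newUrl.searchParams.delete(constants.QueryParameters.DevBrowser)` line carries no explanation of why the dev-browser parameter is stripped from the Location URL together with the handshake parameters, and the reason is not evident from the surrounding code; the changeset text suggests that leaving it in caused the handshake to fire again in development. Suggest a why-comment above it such as `// Strip the dev-browser param as well: if it survives in the Location URL the next request is treated as a fresh dev handshake (and the token presumably should not linger in history/Referer either).` The method containing this block starts before the hunk, so its preconditions are not visible here.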
@@ -323,7 +324,7 @@ ${developmentError.getFullMessage()}`,
 const newCounterValue = this.authenticateContext.handshakeRedirectLoopCounter + 1;
 const cookieName = constants.Cookies.RedirectCount;
 
- headers.append('Set-Cookie', `${cookieName}=${newCounterValue}; SameSite=Lax; HttpOnly; Max-Age=3`);
+ headers.append('Set-Cookie', `${cookieName}=${newCounterValue}; SameSite=Lax; HttpOnly; Max-Age=2`);
 
 return false;
 }
diff --git a/packages/backend/src/tokens/request.ts b/packages/backend/src/tokens/request.ts
index c99600c58c4..43ef997225e 100644
--- a/packages/backend/src/tokens/request.ts
+++ b/packages/backend/src/tokens/request.ts
@@ -386,7 +386,7 @@ export const authenticateRequest: AuthenticateRequest = (async (
 if (!mustActivate) {
 return null;
 }
- if (authenticateContext.handshakeRedirectLoopCounter > 0) {
+ if (authenticateContext.handshakeRedirectLoopCounter >= 3) {
 // We have an organization that needs to be activated, but this isn't our first time redirecting.
 // This is because we attempted to activate the organization previously, but the organization
 // must not have been valid (either not found, or not valid for this user), and gave us back
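Review bot: The loop guard now depends on each redirect round-trip completing inside `Max-Age=2`; if the browser takes longer than two seconds to come back, the counter cookie has already expired, `handshakeRedirectLoopCounter` restarts from scratch, and the `>= 3` bail-out in request.ts is never reached, so loop detection degrades silently on slow links. If that trade-off is intended, record it beside the `Set-Cookie` line, e.g. `// Max-Age is kept short so a stale counter cannot block a legitimate later handshake; a round-trip slower than this resets loop detection.` The cookie is also written without an explicit `Path`, so it defaults to the directory of the current request URL, which only works because the redirect appears to target the same URL. The enclosing method starts before this hunk.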
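Review bot: The comment immediately under the changed condition still says "this isn't our first time redirecting", which described the old `> 0` check; with `>= 3` the branch is entered only after at least three redirects, so the explanation is now wrong. Suggest `// We have an organization that needs to be activated, but we have already redirected at least three times without it becoming active.` The literal `3` is duplicated in the integration test and implicitly coupled to `Max-Age=2` in handshake.ts; hoisting it into a named constant (e.g. `MAX_HANDSHAKE_REDIRECT_LOOP_COUNT`) referenced from both places would keep them from drifting. Since `handshakeRedirectLoopCounter` is read from the `__clerk_redirect_count` cookie the client sends, this comparison is best-effort loop detection rather than a security boundary, which is worth stating in the same comment. The enclosing `authenticateRequest` callback starts before this hunk and continues past it.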