diff --git a/app/logical/deviant_art_api_client.rb b/app/logical/deviant_art_api_client.rb
index c1fe37ae8..52607d6fe 100644
--- a/app/logical/deviant_art_api_client.rb
+++ b/app/logical/deviant_art_api_client.rb
@@ -8,7 +8,7 @@ class DeviantArtApiClient < Struct.new(:deviation_id)
 
   def extended_fetch
     params = { deviationid: deviation_id, type: "art", include_session: false }
-    http.get("https://www.deviantart.com/_napi/da-deviation/shared_api/deviation/extended_fetch", params: params)
+    get("https://www.deviantart.com/_napi/da-deviation/shared_api/deviation/extended_fetch", params: params)
   end
 
   def extended_fetch_json
@@ -17,10 +17,40 @@ class DeviantArtApiClient < Struct.new(:deviation_id)
 
   def download_url
     url = extended_fetch_json.dig(:deviation, :extended, :download, :url)
-    response = http.cookies(extended_fetch.cookies).get(url)
+    response = get(url)
     response.headers[:location]
   end
 
+  def get(url, retries: 1, **options)
+    response = http.cookies(cookies).get(url, **options)
+
+    new_cookies = response.cookies.cookies.map { |cookie| { cookie.name => cookie.value } }.reduce(&:merge)
+    new_cookies = new_cookies.slice(:userinfo, :auth, :authsecure)
+    if new_cookies.present?
+      DanbooruLogger.info("DeviantArt: updating cookies", url: url, new_cookies: new_cookies, old_cookies: cookies)
+      self.cookies = new_cookies
+    end
+
+    # If the old auth cookie expired we may get a 404 with a new auth cookie
+    # set. Try again with the new cookie.
+    if response.code == 404 && retries > 0
+      DanbooruLogger.info("DeviantArt: retrying", url: url, cookies: cookies)
+      response = get(url, retries: retries - 1, **options)
+    end
+
+    response
+  end
+
+  def cookies
+    Cache.get("deviantart_cookies", 10.years.to_i) do
+      JSON.parse(Danbooru.config.deviantart_cookies)
+    end
+  end
+
+  def cookies=(new_cookies)
+    Cache.put("deviantart_cookies", new_cookies, 10.years.to_i)
+  end
+
   def http
     HTTP.use(:auto_inflate).headers(Danbooru.config.http_headers.merge("Accept-Encoding" => "gzip"))
   end
diff --git a/config/danbooru_default_config.rb b/config/danbooru_default_config.rb
index daf176f3a..d7d36db88 100644
--- a/config/danbooru_default_config.rb
+++ b/config/danbooru_default_config.rb
@@ -381,6 +381,16 @@ module Danbooru
       nil
     end
 
+    # DeviantArt login cookies. Login to DeviantArt and extract these from the browser.
+    # https://github.com/danbooru/danbooru/issues/4219
+    def deviantart_cookies
+      {
+        userinfo: "XXX",
+        auth_secure: "XXX",
+        auth: "XXX"
+      }.to_json
+    end
+
     def pixiv_login
       nil
     end