diff --git a/lib/auth.js b/lib/auth.js
index e959fea..2a32cbe 100644
--- a/lib/auth.js
+++ b/lib/auth.js
@@ -326,8 +326,10 @@ const authClient = new Model({
         return getCSRFToken(config.host).then(function(token) {
           var url = config.host + '/users/sign_out';
 
-          var deleteHeaders = Object.create(config.jsonHeaders);
-          deleteHeaders['X-CSRF-Token'] = token;
+          var deleteHeaders = {
+            ...config.jsonHeaders,
+            ['X-CSRF-Token']: token
+          };
 
           return makeCredentialHTTPRequest('DELETE', url, null, deleteHeaders)
             .then(function() {
diff --git a/lib/oauth.js b/lib/oauth.js
index b660405..cd1e798 100644
--- a/lib/oauth.js
+++ b/lib/oauth.js
@@ -126,8 +126,10 @@ const authClient = new Model({
         return getCSRFToken(config.oauthHost).then(function(token) {
           var url = config.oauthHost + '/users/sign_out';
 
-          var deleteHeaders = Object.create(config.jsonHeaders);
-          deleteHeaders['X-CSRF-Token'] = token;
+          var deleteHeaders = {
+            ...config.jsonHeaders,
+            ['X-CSRF-Token']: token
+          };
 
           return makeCredentialHTTPRequest('DELETE', url, null, deleteHeaders)
             .then(function() {