diff --git a/charts/argo-cd/templates/dex/psp.yaml b/charts/argo-cd/templates/dex/psp.yaml
new file mode 100644
index 00000000..4045a8dc
--- /dev/null
+++ b/charts/argo-cd/templates/dex/psp.yaml
@@ -0,0 +1,66 @@
+{{- if .Values.dex.pspEnabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "argo-cd.dex.fullname" . }}
+  labels:
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+  annotations:
+    seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
+spec:
+  privileged: false
+  hostIPC: false
+  hostNetwork: false
+  hostPID: false
+  readOnlyRootFilesystem: false
+  allowPrivilegeEscalation: false
+  allowedCapabilities:
+    - '*'
+  fsGroup:
+    rule: RunAsAny
+  runAsUser:
+    rule: RunAsAny
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  volumes:
+    - '*'
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "argo-cd.dex.fullname" . }}-psp
+  labels:
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+rules:
+  - apiGroups: ['policy']
+    resources: ['podsecuritypolicies']
+    verbs:     ['use']
+    resourceNames:
+      - {{ template "argo-cd.dex.fullname" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "argo-cd.dex.fullname" . }}-psp
+  labels:
+    helm.sh/chart: {{ include "argo-cd.chart" . }}
+    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "argo-cd.dex.fullname" . }}-psp
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "argo-cd.dexServiceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
+{{- end }}