diff --git a/molgenis-vault/templates/_helpers.tpl b/molgenis-vault/templates/_helpers.tpl
index 81f6497..5c51ec7 100644
--- a/molgenis-vault/templates/_helpers.tpl
+++ b/molgenis-vault/templates/_helpers.tpl
@@ -1,3 +1,17 @@
+{{/*
+Define vault ui fullname
+*/}}
+{{- define "vault.ui.fullname" -}}
+{{- printf "%s-ui" .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Define vault service url for the ui
+*/}}
+{{- define "vault.service.url" -}}
+{{- printf "https://%s:8200" .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
 {{/* See https://github.com/helm/helm/issues/4535 */}}
 {{- define "call-nested" }}
 {{- $dot := index . 0 }}
diff --git a/molgenis-vault/templates/ui-ingress.yaml b/molgenis-vault/templates/ui-ingress.yaml
new file mode 100644
index 0000000..d8d8e1f
--- /dev/null
+++ b/molgenis-vault/templates/ui-ingress.yaml
@@ -0,0 +1,30 @@
+{{- if .Values.ui.ingress.enabled -}}
+{{- $serviceName := include "vault.ui.fullname" . -}}
+{{- $servicePort := .Values.ui.service.externalPort -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ template "vault.ui.fullname" . }}
+  labels:
+    app: {{ template "molgenis-vault.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+  annotations:
+    {{- range $key, $value := .Values.ui.ingress.annotations }}
+      {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+    - host: {{ .Values.ui.ingress.host }}
+      http:
+        paths:
+          - path:
+            backend:
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- if .Values.ui.ingress.tls }}
+  tls:
+{{ toYaml .Values.ui.ingress.tls | indent 4 }}
+  {{- end -}}
+{{- end -}}
\ No newline at end of file
diff --git a/molgenis-vault/templates/ui-service.yaml b/molgenis-vault/templates/ui-service.yaml
new file mode 100644
index 0000000..0e26d65
--- /dev/null
+++ b/molgenis-vault/templates/ui-service.yaml
@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "vault.ui.fullname" . }}
+  labels:
+    app: {{ template "vault-operator.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.ui.service.type }}
+  ports:
+    - port: {{ .Values.ui.service.externalPort }}
+      targetPort: {{ .Values.ui.service.internalPort }}
+      protocol: TCP
+      name: {{ .Values.ui.service.name }}
+    {{- if .Values.ui.service.nodePort }}
+      nodePort: {{ .Values.ui.service.nodePort }}
+    {{- end }}
+  selector:
+    app: {{ template "vault-operator.name" . }}
+    release: {{ .Release.Name }}
+    component: {{ .Values.ui.name }}
\ No newline at end of file
diff --git a/molgenis-vault/templates/vault-ui-deployment.yaml b/molgenis-vault/templates/vault-ui-deployment.yaml
new file mode 100644
index 0000000..d13a154
--- /dev/null
+++ b/molgenis-vault/templates/vault-ui-deployment.yaml
@@ -0,0 +1,50 @@
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: {{ template "vault.ui.fullname" . }}
+  labels:
+    app: {{ template "vault-operator.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    component: {{ .Values.ui.name }}
+spec:
+  replicas: {{ .Values.ui.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "vault-operator.name" . }}
+        release: {{ .Release.Name }}
+        component: {{ .Values.ui.name }}
+    spec:
+      containers:
+        - name: {{ .Values.ui.name }}
+          image: "{{ .Values.ui.image.repository }}:{{ .Values.ui.image.tag }}"
+          imagePullPolicy: {{ .Values.imagePullPolicy }}
+          env:
+          - name: VAULT_URL_DEFAULT
+          {{- if .Values.ui.vault.url }}
+            value: {{ .Values.ui.vault.url }}
+          {{ else }}
+            value: {{ template "vault.service.url" . }}
+          {{- end }}
+          - name: VAULT_AUTH_DEFAULT
+            value: {{ .Values.ui.vault.auth }}
+          - name: NODE_TLS_REJECT_UNAUTHORIZED
+            value: '0'
+          ports:
+            - containerPort: {{ .Values.ui.service.internalPort }}
+          livenessProbe:
+            httpGet:
+              path: /
+              port: {{ .Values.ui.service.internalPort }}
+          readinessProbe:
+            httpGet:
+              path: /
+              port: {{ .Values.ui.service.internalPort }}
+          resources:
+{{ toYaml .Values.ui.resources | indent 12 }}
+    {{- if .Values.ui.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.ui.nodeSelector | indent 8 }}
+    {{- end }}
\ No newline at end of file
diff --git a/molgenis-vault/values.yaml b/molgenis-vault/values.yaml
index 701417c..aaca8f3 100644
--- a/molgenis-vault/values.yaml
+++ b/molgenis-vault/values.yaml
@@ -75,4 +75,5 @@ ui:
     #  memory: 128Mi
   nodeSelector: {}
   vault:
-    auth: TOKEN
\ No newline at end of file
+    auth: GITHUB
+    url: https://vault.vault-operator:8200
\ No newline at end of file