diff --git a/buildchain/buildchain/salt_tree.py b/buildchain/buildchain/salt_tree.py
index 2b49b84e90..d653bad660 100644
--- a/buildchain/buildchain/salt_tree.py
+++ b/buildchain/buildchain/salt_tree.py
@@ -217,8 +217,11 @@ def _get_parts(self) -> Iterator[str]:
     ),
 
     Path('salt/metalk8s/addons/dex/deployed/init.sls'),
-    Path('salt/metalk8s/addons/dex/deployed/chart.sls'),
     Path('salt/metalk8s/addons/dex/deployed/namespace.sls'),
+    Path('salt/metalk8s/addons/dex/deployed/dex-conf.sls'),
+    Path('salt/metalk8s/addons/dex/deployed/dex-service.sls'),
+    Path('salt/metalk8s/addons/dex/deployed/chart.sls'),
+    Path('salt/metalk8s/addons/dex/deployed/dex-tls-secret.sls'),
 
     Path('salt/metalk8s/addons/prometheus-operator/deployed/chart.sls'),
     Path('salt/metalk8s/addons/prometheus-operator/deployed/cleanup.sls'),
@@ -324,6 +327,10 @@ def _get_parts(self) -> Iterator[str]:
     Path('salt/metalk8s/kubernetes/ca/kubernetes/exported.sls'),
     Path('salt/metalk8s/kubernetes/ca/kubernetes/init.sls'),
     Path('salt/metalk8s/kubernetes/ca/kubernetes/installed.sls'),
+    Path('salt/metalk8s/kubernetes/ca/dex/init.sls'),
+    Path('salt/metalk8s/kubernetes/ca/dex/advertised.sls'),
+    Path('salt/metalk8s/kubernetes/ca/dex/dex-rootca.sls'),
+    Path('salt/metalk8s/kubernetes/ca/dex/dex-server.sls'),
 
     Path('salt/metalk8s/kubernetes/cni/calico/configured.sls'),
     Path('salt/metalk8s/kubernetes/cni/calico/deployed.sls'),
diff --git a/salt/metalk8s/addons/dex/deployed/init.sls b/salt/metalk8s/addons/dex/deployed/init.sls
new file mode 100644
index 0000000000..f4b6f3a5e8
--- /dev/null
+++ b/salt/metalk8s/addons/dex/deployed/init.sls
@@ -0,0 +1,17 @@
+#
+# State to manage dex
+#
+# Available states
+# ================
+#
+# * namespace              -> creates a namespace metalk8s-auth
+# * dex-tls-secret         -> creates dex certificates stored as k8s secret
+# * chart                  -> charts used to deploy dex
+# * dex-conf               -> contains dex required configurations
+
+include:
+- .namespace
+- .dex-tls-secret
+- .dex-conf
+- .dex-service
+- .chart
diff --git a/salt/metalk8s/map.jinja b/salt/metalk8s/map.jinja
index 42e7cd091a..346779076e 100644
--- a/salt/metalk8s/map.jinja
+++ b/salt/metalk8s/map.jinja
@@ -213,3 +213,7 @@
 {% set kubeadm_kubeconfig = salt['grains.filter_by']({
   'default': {}
 }, merge=defaults.get('kubeadm_kubeconfig')) %}
+
+{% set dex = salt['grains.filter_by']({
+  'default': {}
+}, merge=defaults.get('dex')) %}