diff --git a/charts/opserver/Chart.yaml b/charts/opserver/Chart.yaml
index 60bd4f67..e20f2c55 100644
--- a/charts/opserver/Chart.yaml
+++ b/charts/opserver/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.4
+version: 1.0.7
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/charts/opserver/templates/deployment.yaml b/charts/opserver/templates/deployment.yaml
index 6874e25a..4dc45b7c 100644
--- a/charts/opserver/templates/deployment.yaml
+++ b/charts/opserver/templates/deployment.yaml
@@ -114,6 +114,8 @@ spec:
 value: {{ .Values.opserverSettings.security.provider }}
 {{- if eq .Values.opserverSettings.security.provider "OIDC" }}
+ - name: Security__UseHttpsForRedirects
+ value: "true"
 - name: Security__Name
 value: "Okta"
 - name: Security__ViewEverythingGroups
diff --git a/src/Opserver.Web/Controllers/AuthController.OIDC.cs b/src/Opserver.Web/Controllers/AuthController.OIDC.cs
index e9087d48..ea656ffe 100644
--- a/src/Opserver.Web/Controllers/AuthController.OIDC.cs
+++ b/src/Opserver.Web/Controllers/AuthController.OIDC.cs
@@ -216,11 +216,12 @@ private IActionResult RedirectToProvider(string returnUrl)
 });
 var oidcSettings = (OIDCSecuritySettings) Current.Security.Settings;
+ var scheme = (oidcSettings.UseHttpsForRedirects ? "https" : Request.Scheme);
 var redirectUri = Url.Action(
 nameof(OAuthCallback),
 ControllerContext.ActionDescriptor.ControllerName,
 null,
- Request.Scheme,
+ scheme,
 Request.Host.Value,
 null
 );
diff --git a/src/Opserver.Web/Security/OIDCSecuritySettings.cs b/src/Opserver.Web/Security/OIDCSecuritySettings.cs
index ae4ee5ca..e1840898 100644
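Review bot: The callback URL still takes its host from `Request.Host.Value`, so overriding only the scheme leaves the other request-derived part of `redirectUri` untouched. Behind a TLS-terminating proxy both values are whatever the proxy forwards, and the Host header is client-supplied unless the proxy or host filtering pins it. Consider enabling forwarded-headers handling restricted to known proxies so that `Request.Scheme` and `Request.Host` are already correct, or building the callback from a configured public base URL; the provider's registered redirect-URI list presumably limits misuse, but that is not visible here. If the flag stays, the parentheses are unnecessary and the literal can be the framework constant: `var scheme = oidcSettings.UseHttpsForRedirects ? Uri.UriSchemeHttps : Request.Scheme;`. RedirectToProvider starts and ends outside this hunk.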
--- a/src/Opserver.Web/Security/OIDCSecuritySettings.cs
+++ b/src/Opserver.Web/Security/OIDCSecuritySettings.cs
@@ -46,5 +46,10 @@ public class OIDCSecuritySettings : SecuritySettings
 /// Gets or sets the name of the "name" claim.
 ///
 public string GroupsClaim { get; set; } = "groups";
+
+ ///
+ /// When redirecting to an OIDC provider, whether to always use https for the redirect/referral.
+ ///
+ public bool UseHttpsForRedirects { get; set; } = false;
 }
 }
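Review bot: The summary on `UseHttpsForRedirects` describes the wrong thing: in AuthController.OIDC.cs the flag selects the scheme of the callback URL that `Url.Action` builds for `OAuthCallback`, not the redirect to the provider itself. Suggested text: `/// Whether the OAuth callback URL given to the OIDC provider always uses https instead of the incoming request's scheme; enable when TLS is terminated in front of Opserver.` The property defaults to false, so only deployments that set it (the Helm chart in this commit does) get the https callback, which is worth stating in the same comment. The `= false` initializer is redundant, and the context line above still documents `GroupsClaim` as the "name" claim.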