diff --git a/clusters/cl01tl/applications/site-profile/templates/external-secret.yaml b/clusters/cl01tl/applications/site-profile/templates/external-secret.yaml
index e588017a7..d14a80d48 100644
--- a/clusters/cl01tl/applications/site-profile/templates/external-secret.yaml
+++ b/clusters/cl01tl/applications/site-profile/templates/external-secret.yaml
@@ -43,6 +43,38 @@ spec:
         metadataPolicy: None
         property: key
 
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: directus-valkey-config
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: directus-valkey-config
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: user
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/site-profile/directus/valkey
+        metadataPolicy: None
+        property: user
+    - secretKey: password
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/site-profile/directus/valkey
+        metadataPolicy: None
+        property: password
+
 ---
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
diff --git a/clusters/cl01tl/applications/site-profile/values.yaml b/clusters/cl01tl/applications/site-profile/values.yaml
index 9ea1dd1ec..989beec1c 100644
--- a/clusters/cl01tl/applications/site-profile/values.yaml
+++ b/clusters/cl01tl/applications/site-profile/values.yaml
@@ -98,6 +98,16 @@ directus:
               value: site-profile-valkey-master
             - name: REDIS_PORT
               value: 6379
+            - name: REDIS_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: directus-valkey-config
+                  key: user
+            - name: REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: directus-valkey-config
+                  key: password
             - name: STORAGE_LOCATIONS
               value: LOCAL
             - name: STORAGE_LOCAL_DRIVER
@@ -180,6 +190,8 @@ valkey:
   architecture: standalone
   auth:
     enabled: true
+    existingSecret: directus-valkey-config
+    existingSecretPasswordKey: password
 cloudflared:
   name: cloudflared
   existingSecretName: site-profile-cloudflared-api-secret