diff --git a/chart/values.schema.json b/chart/values.schema.json
index 88fa1665515ee92affed703680ef166f7c3a5b0b..512f9e18a7d73b9aa56a2006de5947a93e42a602 100644
--- a/chart/values.schema.json
+++ b/chart/values.schema.json
@@ -721,10 +721,34 @@
                   "type": "string"
                 },
                 "allow_sign_up": {
-                  "type": "string"
+                  "type": "boolean"
                 },
                 "role_attribute_path": {
                   "type": "string"
+                },
+                "token_url": {
+                  "type": "string"
+                },
+                "auth_url": {
+                  "type": "string"
+                },
+                "api_url": {
+                  "type": "string"
+                },
+                "tls_client_ca": {
+                  "type": "string"
+                },
+                "tls_skip_verify_insecure": {
+                  "type": "boolean"
+                },
+                "tls_client_cert": {
+                  "type": "string"
+                },
+                "tls_client_key": {
+                  "type": "string"
+                },
+                "allowed_domains": {
+                  "type": "string"
                 }
               },
               "additionalProperties": false
diff --git a/chart/values.yaml b/chart/values.yaml
index aa62459732900dad125737aa114b37a320d9d7b9..ae79bd4563284e10cea5f4ed45ca1238ea32f1ed 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -878,7 +878,7 @@ monitoring:
       # -- Grafana OIDC client scopes, comma separated, see https://grafana.com/docs/grafana/latest/auth/generic-oauth/
       scopes: ""
 
-      allow_sign_up: "true"
+      allow_sign_up: true
 
       role_attribute_path: "Viewer"
       # -- Other options available, see package Documentation.
diff --git a/schema/schema.bats b/schema/schema.bats
index e30f8295c791401d66f299f338b2c8be2e439f13..df492f009f036071ab746dd96917f716c420286c 100644
--- a/schema/schema.bats
+++ b/schema/schema.bats
@@ -105,4 +105,10 @@ invalid() {
     diag "Testing extra keys for core package $package"
     assert_equal "$status" "1"
   done
+}
+
+# Test monitoring schema validation
+@test "helm template validate monitoring schema" {
+  valid monitoring
+  invalid monitoring
 }
\ No newline at end of file
diff --git a/schema/test-values/monitoring/invalid/sso.yaml b/schema/test-values/monitoring/invalid/sso.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..726267573f1f7a6bfbe28a48e0b308b6e716f7c8
--- /dev/null
+++ b/schema/test-values/monitoring/invalid/sso.yaml
@@ -0,0 +1,4 @@
+monitoring:
+  sso:
+    grafana:
+      foo: bar
diff --git a/schema/test-values/monitoring/valid/sso.yaml b/schema/test-values/monitoring/valid/sso.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3c3f53ba459dcbb0a70e85911c6980a4e79b9d03
--- /dev/null
+++ b/schema/test-values/monitoring/valid/sso.yaml
@@ -0,0 +1,16 @@
+monitoring:
+  sso:
+    grafana:
+      client_id: grafana
+      client_secret: secret 
+      scopes: Grafana
+      allow_sign_up: true
+      role_attribute_path: Viewer
+      auth_url: https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/auth
+      token_url: https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/token
+      api_url: https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/userinfo
+      allowed_domains: foo.com bar.com
+      tls_client_ca: ""
+      tls_skip_verify_insecure: false
+      tls_client_cert: ""
+      tls_client_key: ""
\ No newline at end of file