diff --git a/packages/apps/tenant/templates/info.yaml b/packages/apps/tenant/templates/info.yaml
index 8787c400..4b6f2640 100644
--- a/packages/apps/tenant/templates/info.yaml
+++ b/packages/apps/tenant/templates/info.yaml
@@ -1,6 +1,3 @@
-{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }}
-{{- $oidcEnabled := index $cozyConfig.data "oidc-enabled" }}
-{{- if eq $oidcEnabled "true" }}
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
@@ -30,4 +27,3 @@ spec:
 force: true
 remediation:
 retries: -1
-{{- end }}
diff --git a/packages/extra/info/templates/dashboard-resourcemap.yaml b/packages/extra/info/templates/dashboard-resourcemap.yaml
index 2fe68df1..fda98c9f 100644
--- a/packages/extra/info/templates/dashboard-resourcemap.yaml
+++ b/packages/extra/info/templates/dashboard-resourcemap.yaml
@@ -1,3 +1,5 @@
+{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }}
+{{- $oidcEnabled := index $cozyConfig.data "oidc-enabled" }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
@@ -8,7 +10,11 @@ rules:
 resources:
 - secrets
 resourceNames:
- - kubeconfig-{{ .Release.Namespace }}
+ - {{- if eq $oidcEnabled "true" -}}
+ kubeconfig-{{ .Release.Namespace }}
+ {{- else -}}
+ tenant-{{ .Release.Namespace }}
+ {{- end }}
 verbs: ["get", "list", "watch"]
 ---
 kind: RoleBinding
@@ -16,7 +22,13 @@ apiVersion: rbac.authorization.k8s.io/v1
 metadata:
 name: {{ .Release.Name }}-dashboard-resources
 subjects:
+{{- if eq $oidcEnabled "true" }}
 {{ include "cozy-lib.rbac.subjectsForTenantAndAccessLevel" (list "view" .Release.Namespace) }}
+{{- else }}
+- kind: ServiceAccount
+ name: tenant-{{ .Release.Namespace }}
+ namespace: tenant-{{ .Release.Namespace }}
+{{- end }}
 roleRef:
 kind: Role
 name: {{ .Release.Name }}-dashboard-resources
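Review bot: The two lines added at the top of dashboard-resourcemap.yaml dereference the `lookup` result without a guard. `lookup` returns an empty map under `helm template` and client-side dry-run, and when the `cozystack` ConfigMap is absent, so `index $cozyConfig.data "oidc-enabled"` is called on nil and rendering fails. Reading the value with a default keeps the chart renderable and makes the fallback explicit, for example `{{- $oidcEnabled := dig "data" "oidc-enabled" "false" $cozyConfig }}`. Because this value now selects which subject is granted read access to a secret, the template should also carry a comment stating which branch is intended when the setting cannot be read.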
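Review bot: In the `resourceNames` hunk, the `{{-` placed right after the list dash strips the whitespace between `-` and the value, and `-}}` strips the line break after the `if`, so the entry renders as `-kubeconfig-<namespace>` or `-tenant-<namespace>`. YAML reads that as a plain scalar, not a list item, so the Role would either fail to parse or name a secret that does not exist. Keeping the dash and the condition on one line without trim markers avoids this: `- {{ if eq $oidcEnabled "true" }}kubeconfig-{{ .Release.Namespace }}{{ else }}tenant-{{ .Release.Namespace }}{{ end }}`. Indentation is flattened on this page, so the rendered manifest is worth checking against a live cluster render before merge.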
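Review bot: In the `subjects` hunk, the non-OIDC branch sets the ServiceAccount's `namespace` to `tenant-{{ .Release.Namespace }}`, which differs from the namespace the RoleBinding itself is created in. If this chart is installed into the tenant's own namespace (not visible in this diff), the subject resolves to `tenant-tenant-<name>`, and the binding would grant secret read access to an account outside the tenant's namespace. Using `namespace: {{ .Release.Namespace }}` for the subject, and checking the ServiceAccount and secret names against what the tenant chart actually creates, would pin the grant to the local account. The same `tenant-` prefix is used for the secret name in the `resourceNames` hunk and deserves the same check.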