diff --git a/chart/templates/secrets/jwt-secret.yaml b/chart/templates/secrets/jwt-secret.yaml
index 7786496f4d0a7..7eb524c90b119 100644
--- a/chart/templates/secrets/jwt-secret.yaml
+++ b/chart/templates/secrets/jwt-secret.yaml
@@ -36,6 +36,10 @@ metadata:
 {{- with .Values.labels }}
 {{- toYaml . | nindent 4 }}
 {{- end }}
+ {{- with .Values.jwtSecretAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
 type: Opaque
 data:
 jwt-secret: {{ (default $generated_secret_key .Values.jwtSecret) | b64enc | quote }}
diff --git a/chart/values.schema.json b/chart/values.schema.json
index 2795a342a93c3..1bfe3c9757b69 100644
--- a/chart/values.schema.json
+++ b/chart/values.schema.json
@@ -1482,6 +1482,15 @@
 "x-docsSection": "Airflow",
 "default": null
 },
+ "jwtSecretAnnotations": {
+ "description": "Annotations to add to the JWT secret.",
+ "type": "object",
+ "x-docsSection": "Common",
+ "default": {},
+ "additionalProperties": {
+ "type": "string"
+ }
+ },
 "webserverSecretKey": {
 "description": "The Flask secret key for Airflow Webserver to encrypt browser session.",
 "type": [
diff --git a/chart/values.yaml b/chart/values.yaml
index 3a6bb1691fad7..5d85210d419f1 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -559,6 +559,8 @@ webserverSecretKeySecretName: ~
 # Secret key used to encode and decode JWTs: `[api_auth] jwt_secret` in airflow.cfg
 jwtSecret: ~
+# Add custom annotations to the JWT secret
+jwtSecretAnnotations: {}
 jwtSecretName: ~
 # In order to use kerberos you need to create secret containing the keytab file
diff --git a/helm-tests/tests/helm_tests/apiserver/test_apiserver.py b/helm-tests/tests/helm_tests/apiserver/test_apiserver.py
index b481ffad372c1..08796bde0c855 100644
--- a/helm-tests/tests/helm_tests/apiserver/test_apiserver.py
+++ b/helm-tests/tests/helm_tests/apiserver/test_apiserver.py
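Review bot: The comment added above `jwtSecretAnnotations` in chart/values.yaml does not say which object it targets or when it is ignored. The annotations are rendered onto the chart-generated Secret in templates/secrets/jwt-secret.yaml, which holds the JWT signing key, so any annotation that a cluster controller acts on applies to that key material. If `jwtSecretName` points at an externally managed Secret, as its name suggests, these annotations presumably have no effect; that should be confirmed and stated. Something like `# Annotations for the chart-generated JWT secret (holds the JWT signing key)` plus a line on the `jwtSecretName` case would cover it. The new key is also inserted between `jwtSecret` and `jwtSecretName`, splitting the pair; placing it after `jwtSecretName` would read better.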
@@ -75,3 +75,18 @@ def test_should_add_volume_and_volume_mount_when_exist_api_server_config(self):
 "subPath": "webserver_config.py",
 "readOnly": True,
 } in jmespath.search("spec.template.spec.containers[0].volumeMounts", docs[0])
+
+
+class TestAPIServerJWTSecret:
+ """Tests API Server JWT secret."""
+
+ def test_should_add_annotations_to_jwt_secret(self):
+ docs = render_chart(
+ values={
+ "jwtSecretAnnotations": {"test_annotation": "test_annotation_value"},
+ },
+ show_only=["templates/secrets/jwt-secret.yaml"],
+ )[0]
+
+ assert "annotations" in jmespath.search("metadata", docs)
+ assert jmespath.search("metadata.annotations", docs)["test_annotation"] == "test_annotation_value"
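Review bot: `test_should_add_annotations_to_jwt_secret` covers only the populated case; nothing checks that the default `jwtSecretAnnotations: {}` renders no `annotations:` key, which is the branch the `with` guard in the template exists for. A second test that renders the same template without the value and asserts `jmespath.search("metadata.annotations", doc) is None` would pin that behaviour. The first assertion is implied by the second and can be dropped. `docs` holds a single document after `[0]`, so `doc` would be the clearer name.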