diff --git a/charts/kubernetes-dashboard/Chart.yaml b/charts/kubernetes-dashboard/Chart.yaml
index 9ebb5e903c1..cfeda75d99a 100644
--- a/charts/kubernetes-dashboard/Chart.yaml
+++ b/charts/kubernetes-dashboard/Chart.yaml
@@ -14,7 +14,7 @@
 
 apiVersion: v2
 name: kubernetes-dashboard
-version: 7.1.3
+version: 7.2.0
 description: General-purpose web UI for Kubernetes clusters
 keywords:
   - kubernetes
diff --git a/charts/kubernetes-dashboard/templates/_helpers.tpl b/charts/kubernetes-dashboard/templates/_helpers.tpl
index 55c42e85556..0c4143c9e83 100644
--- a/charts/kubernetes-dashboard/templates/_helpers.tpl
+++ b/charts/kubernetes-dashboard/templates/_helpers.tpl
@@ -75,6 +75,16 @@ app.kubernetes.io/part-of: {{ include "kubernetes-dashboard.name" . }}
 {{- printf "private.key" }}
 {{- end -}}
 
+{{- define "kubernetes-dashboard.app.csrf.secret.value" -}}
+{{- $secretName := (include "kubernetes-dashboard.app.csrf.secret.name" .) -}}
+{{- $secret := lookup "v1" "Secret" .Release.Namespace $secretName -}}
+{{- if and $secret (hasKey $secret "data") (hasKey $secret.data "private.key") (index $secret.data "private.key") -}}
+private.key: {{ index $secret.data "private.key" }}
+{{- else -}}
+private.key: {{ randBytes 256 | b64enc | quote }}
+{{- end -}}
+{{- end -}}
+
 {{- define "kubernetes-dashboard.metrics-scraper.name" -}}
 {{- printf "%s-%s" ( include "kubernetes-dashboard.fullname" . ) ( .Values.metricsScraper.role )}}
 {{- end -}}
diff --git a/charts/kubernetes-dashboard/templates/deployments/api.yaml b/charts/kubernetes-dashboard/templates/deployments/api.yaml
index 5efefd807de..ab680e491ec 100644
--- a/charts/kubernetes-dashboard/templates/deployments/api.yaml
+++ b/charts/kubernetes-dashboard/templates/deployments/api.yaml
@@ -46,8 +46,7 @@ spec:
         app.kubernetes.io/version: {{ .Values.api.image.tag }}
         app.kubernetes.io/component: {{ .Values.api.role }}
       annotations:
-        {{/* Ensure that the deployment is rolled on upgrade since CSRF key will be regenerated. */}}
-        rollme: {{ randAlphaNum 5 | quote }}
+        checksum/config: {{ include (print $.Template.BasePath "/secrets/csrf.yaml") . | sha256sum }}
         {{- with .Values.api.annotations }}
         {{ toYaml . | nindent 8 }}
         {{- end }}
diff --git a/charts/kubernetes-dashboard/templates/deployments/auth.yaml b/charts/kubernetes-dashboard/templates/deployments/auth.yaml
index 727dad9c497..67fe28a4531 100644
--- a/charts/kubernetes-dashboard/templates/deployments/auth.yaml
+++ b/charts/kubernetes-dashboard/templates/deployments/auth.yaml
@@ -49,8 +49,7 @@ spec:
         app.kubernetes.io/version: {{ .Values.auth.image.tag }}
         app.kubernetes.io/component: {{ .Values.auth.role }}
       annotations:
-        {{/* Ensure that the deployment is rolled on upgrade since CSRF key will be regenerated. */}}
-        rollme: {{ randAlphaNum 5 | quote }}
+        checksum/config: {{ include (print $.Template.BasePath "/secrets/csrf.yaml") . | sha256sum }}
         {{- with .Values.auth.annotations }}
         {{ toYaml . | nindent 8 }}
         {{- end }}
diff --git a/charts/kubernetes-dashboard/templates/secrets/csrf.yaml b/charts/kubernetes-dashboard/templates/secrets/csrf.yaml
index 0dfad11b305..4ddaf63f6d8 100644
--- a/charts/kubernetes-dashboard/templates/secrets/csrf.yaml
+++ b/charts/kubernetes-dashboard/templates/secrets/csrf.yaml
@@ -19,4 +19,4 @@ metadata:
     {{- include "kubernetes-dashboard.labels" . | nindent 4 }}
   name: {{ template "kubernetes-dashboard.app.csrf.secret.name" . }}
 data:
-  {{ template "kubernetes-dashboard.app.csrf.secret.key" . }}: {{ randBytes 256 | b64enc | quote }}
+  {{ (include "kubernetes-dashboard.app.csrf.secret.value" . ) -}}
diff --git a/charts/kubernetes-dashboard/values.yaml b/charts/kubernetes-dashboard/values.yaml
index c1424e16a12..6ba09a0c052 100644
--- a/charts/kubernetes-dashboard/values.yaml
+++ b/charts/kubernetes-dashboard/values.yaml
@@ -143,7 +143,7 @@ auth:
       limits:
         cpu: 250m
         memory: 400Mi
-  automountServiceAccountToken: false
+  automountServiceAccountToken: true
   volumes:
     # Create on-disk volume to store exec logs (required)
     - name: tmp-volume
@@ -158,7 +158,7 @@ api:
   role: api
   image:
     repository: docker.io/kubernetesui/dashboard-api
-    tag: 1.4.0
+    tag: 1.4.1
   scaling:
     replicas: 1
     revisionHistoryLimit: 10
@@ -341,7 +341,7 @@ kong:
   enabled: true
   ## Configuration reference: https://docs.konghq.com/gateway/3.6.x/reference/configuration
   env:
-    dns_order: A,CNAME,LAST,SRV
+    dns_order: A,CNAME,LAST,AAAA,SRV
     plugins: 'off'
     nginx_worker_processes: 1
   ingressController: