diff --git a/authentik/outposts/controllers/k8s/service.py b/authentik/outposts/controllers/k8s/service.py
index 93fcd4bdd..886512796 100644
--- a/authentik/outposts/controllers/k8s/service.py
+++ b/authentik/outposts/controllers/k8s/service.py
@@ -45,7 +45,11 @@ class ServiceReconciler(KubernetesObjectReconciler[V1Service]):
         selector_labels = DeploymentReconciler(self.controller).get_pod_meta()
         return V1Service(
             metadata=meta,
-            spec=V1ServiceSpec(ports=ports, selector=selector_labels, type="ClusterIP"),
+            spec=V1ServiceSpec(
+                ports=ports,
+                selector=selector_labels,
+                type=self.controller.outpost.config.kubernetes_service_type,
+            ),
         )
 
     def create(self, reference: V1Service):
diff --git a/authentik/outposts/models.py b/authentik/outposts/models.py
index d8f0fbd95..88ee2b183 100644
--- a/authentik/outposts/models.py
+++ b/authentik/outposts/models.py
@@ -61,6 +61,7 @@ class OutpostConfig:
     kubernetes_namespace: str = field(default="default")
     kubernetes_ingress_annotations: dict[str, str] = field(default_factory=dict)
     kubernetes_ingress_secret_name: str = field(default="authentik-outpost")
+    kubernetes_service_type: str = field(default="ClusterIP")
 
 
 class OutpostModel(Model):