diff --git a/ansible/roles/apps/tasks/single-sign-on.yml b/ansible/roles/apps/tasks/single-sign-on.yml
index b8be81a043a887abe975530ec965eed19526a17c..2e9080129cb8267b02b9a02b24a3c538a815191a 100644
--- a/ansible/roles/apps/tasks/single-sign-on.yml
+++ b/ansible/roles/apps/tasks/single-sign-on.yml
@@ -16,3 +16,24 @@
         - config
         - flux
         - single-sign-on
+
+- name: Create persistent volumes for single-sign-on userbackend data
+  tags:
+    - config
+    - single-sign-on
+    - storage
+  vars:
+    pvc:
+      name: "single-sign-on-{{ item.name }}"
+      namespace: "oas-apps"
+      size: "{{ item.size }}"
+  include_tasks:
+    file: pvc.yml
+    apply:
+      tags:
+        - config
+        - single-sign-on
+        - storage
+  with_items:
+    - name: "userbackend"
+      size: 1Gi
diff --git a/ansible/roles/apps/templates/settings/single-sign-on.yaml b/ansible/roles/apps/templates/settings/single-sign-on.yaml
index 92075fb15e7ddb79b5cb7bab415e7eda1d14ed28..8ed680d393abaf4b44ffddb620ead38c493d00ff 100644
--- a/ansible/roles/apps/templates/settings/single-sign-on.yaml
+++ b/ansible/roles/apps/templates/settings/single-sign-on.yaml
@@ -25,6 +25,7 @@ userbackend:
   persistence:
     enabled: true
     size: 1Gi
+    existingClaim: single-sign-on-userbackend
   podAnnotations:
     # Let the backup system include nextcloud database data.
     backup.velero.io/backup-volumes: "database"