diff --git a/builtin/logical/ssh/path_roles.go b/builtin/logical/ssh/path_roles.go
index 595839301..6e525c42b 100644
--- a/builtin/logical/ssh/path_roles.go
+++ b/builtin/logical/ssh/path_roles.go
@@ -380,6 +380,7 @@ func pathRoles(b *backend) *framework.Path {
 				When supplied, this value specifies a signing algorithm for the key. Possible values:
 				ssh-rsa, rsa-sha2-256, rsa-sha2-512, default, or the empty string.
 				`,
+				AllowedValues: []interface{}{"", ssh.SigAlgoRSA, ssh.SigAlgoRSASHA2256, ssh.SigAlgoRSASHA2512},
 				DisplayAttrs: &framework.DisplayAttributes{
 					Name: "Signing Algorithm",
 				},
diff --git a/changelog/10299.txt b/changelog/10299.txt
new file mode 100644
index 000000000..db135b64e
--- /dev/null
+++ b/changelog/10299.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+ui: Add algorithm-signer as a SSH Secrets Engine UI field
+```
diff --git a/ui/app/models/role-ssh.js b/ui/app/models/role-ssh.js
index abb13fb5b..0308e91f4 100644
--- a/ui/app/models/role-ssh.js
+++ b/ui/app/models/role-ssh.js
@@ -37,6 +37,7 @@ const CA_FIELDS = [
   'allowUserKeyIds',
   'keyIdFormat',
   'notBeforeDuration',
+  'algorithmSigner',
 ];
 
 export default Model.extend({
@@ -117,6 +118,9 @@ export default Model.extend({
   keyIdFormat: attr('string', {
     helpText: 'When supplied, this value specifies a custom format for the key id of a signed certificate',
   }),
+  algorithmSigner: attr('string', {
+    helpText: 'When supplied, this value specifies a signing algorithm for the key',
+  }),
 
   showFields: computed('keyType', function () {
     const keyType = this.keyType;