diff --git a/gen3/bin/kube-setup-revproxy.sh b/gen3/bin/kube-setup-revproxy.sh
index fcc2ef3b7..825b4ac62 100644
--- a/gen3/bin/kube-setup-revproxy.sh
+++ b/gen3/bin/kube-setup-revproxy.sh
@@ -122,6 +122,17 @@ then
   done
 fi
 
+if g3kubectl get namespace argo-va-testing > /dev/null 2>&1;
+then
+  for argo in $(g3kubectl get services -n argo-va-testing -o jsonpath='{.items[*].metadata.name}');
+  do
+    filePath="$scriptDir/gen3.nginx.conf/${argo}.conf"
+    if [[ -f "$filePath" ]]; then
+      confFileList+=("--from-file" "$filePath")
+    fi
+  done
+fi
+
 if g3kubectl get namespace argocd > /dev/null 2>&1;
 then
     filePath="$scriptDir/gen3.nginx.conf/argocd-server.conf"
diff --git a/kube/services/revproxy/gen3.nginx.conf/argo-va-testing-argo-workflows-server.conf b/kube/services/revproxy/gen3.nginx.conf/argo-va-testing-argo-workflows-server.conf
new file mode 100644
index 000000000..a6dd52956
--- /dev/null
+++ b/kube/services/revproxy/gen3.nginx.conf/argo-va-testing-argo-workflows-server.conf
@@ -0,0 +1,19 @@
+         location /argo/ {
+              error_page 403 @errorworkspace;
+              set $authz_resource "/argo";
+              set $authz_method "access";
+              set $authz_service "argo";
+              # be careful - sub-request runs in same context as this request
+              auth_request /gen3-authz;
+
+              set $proxy_service  "argo";
+              set $upstream http://argo-va-testing-argo-workflows-server.argo-va-testing.svc.cluster.local:2746;
+
+              rewrite ^/argo/(.*) /$1 break;
+
+              proxy_set_header Connection '';
+              proxy_http_version 1.1;
+              chunked_transfer_encoding off;
+
+              proxy_pass $upstream;
+          }