diff --git a/docs/self-managed/deployment/helm/configure/registry-and-images/air-gapped-installation.md b/docs/self-managed/deployment/helm/configure/registry-and-images/air-gapped-installation.md
index 5312c0a30a7..442b08e738e 100644
--- a/docs/self-managed/deployment/helm/configure/registry-and-images/air-gapped-installation.md
+++ b/docs/self-managed/deployment/helm/configure/registry-and-images/air-gapped-installation.md
@@ -59,10 +59,10 @@ Choose one of the following image options:
 
 #### Option A: Open-source Bitnami images (community default)
 
-- [bitnami/postgresql](https://hub.docker.com/r/bitnamilegacy/postgresql)
-- [bitnami/keycloak](https://hub.docker.com/r/bitnamilegacy/keycloak)
-- [bitnami/os-shell](https://hub.docker.com/r/bitnamilegacy/os-shell/)
-- [bitnami/elasticsearch](https://hub.docker.com/r/bitnamilegacy/elasticsearch/)
+- [bitnamilegacy/postgresql](https://hub.docker.com/r/bitnamilegacy/postgresql)
+- [camunda/keycloak](https://hub.docker.com/r/camunda/keycloak) (tag: `bitnami-*`)
+- [bitnamilegacy/os-shell](https://hub.docker.com/r/bitnamilegacy/os-shell/)
+- [bitnamilegacy/elasticsearch](https://hub.docker.com/r/bitnamilegacy/elasticsearch/)
 
 :::warning Not recommended for production
 These open-source images are the community default but are not recommended for production environments due to security and support limitations. Customers should transition to Option B or use managed infrastructure services.
@@ -71,7 +71,7 @@ These open-source images are the community default but are not recommended for p
 #### Option B: Enterprise Bitnami Premium images (recommended)
 
 - `registry.camunda.cloud/vendor-ee/postgresql` (requires enterprise credentials)
-- `registry.camunda.cloud/vendor-ee/keycloak` (requires enterprise credentials)
+- `registry.camunda.cloud/keycloak-ee/keycloak` (tag: `bitnami-ee-*`, requires enterprise credentials)
 - `registry.camunda.cloud/vendor-ee/os-shell` (requires enterprise credentials)
 - `registry.camunda.cloud/vendor-ee/elasticsearch` (requires enterprise credentials)
 
@@ -81,6 +81,25 @@ The `vendor-ee` registry provides proxied access to Bitnami Premium images from
 For detailed configuration and installation instructions, see [Install Bitnami enterprise images](/self-managed/deployment/helm/configure/registry-and-images/install-bitnami-enterprise-images.md).
 :::
 
+#### Camunda Keycloak images
+
+Camunda provides custom [Keycloak images](https://github.com/camunda/keycloak) that include the AWS JDBC wrapper and Camunda Identity theme. These images follow Bitnami's environment variable conventions.
+
+| Variant     | Registry                                                                | Tag prefix     | Availability        |
+| ----------- | ----------------------------------------------------------------------- | -------------- | ------------------- |
+| Open-source | [docker.io/camunda/keycloak](https://hub.docker.com/r/camunda/keycloak) | `bitnami-*`    | Public (Docker Hub) |
+| Enterprise  | `registry.camunda.cloud/keycloak-ee/keycloak`                           | `bitnami-ee-*` | Licensed customers  |
+
+For backward compatibility, both variants are also available without the prefix in their respective registries.
+
+:::note
+The open-source variant is based on the `bitnamilegacy` repository and receives no further updates from Bitnami. For production environments, use the enterprise variant or a managed Keycloak service.
+:::
+
+:::tip About the original Bitnami Keycloak images
+If you prefer to use the original Bitnami Keycloak images directly (`bitnamilegacy/keycloak` or `registry.camunda.cloud/vendor-ee/keycloak`), you can override the image in your Helm values. This is not required, as Camunda Keycloak images are fully compatible and recommended.
+:::
+
 A helper script is available in the [camunda-helm-respository](https://github.com/camunda/camunda-platform-helm/blob/c6a6e0c327f2acb8746802fbe03b3774b8284de3/scripts/download-chart-docker-images.sh) to pull and save Docker images.
 
 ### Access Camunda images from the Camunda registry
diff --git a/versioned_docs/version-8.8/self-managed/deployment/helm/configure/registry-and-images/air-gapped-installation.md b/versioned_docs/version-8.8/self-managed/deployment/helm/configure/registry-and-images/air-gapped-installation.md
index 5312c0a30a7..2ec5740d164 100644
--- a/versioned_docs/version-8.8/self-managed/deployment/helm/configure/registry-and-images/air-gapped-installation.md
+++ b/versioned_docs/version-8.8/self-managed/deployment/helm/configure/registry-and-images/air-gapped-installation.md
@@ -59,10 +59,10 @@ Choose one of the following image options:
 
 #### Option A: Open-source Bitnami images (community default)
 
-- [bitnami/postgresql](https://hub.docker.com/r/bitnamilegacy/postgresql)
-- [bitnami/keycloak](https://hub.docker.com/r/bitnamilegacy/keycloak)
-- [bitnami/os-shell](https://hub.docker.com/r/bitnamilegacy/os-shell/)
-- [bitnami/elasticsearch](https://hub.docker.com/r/bitnamilegacy/elasticsearch/)
+- [bitnamilegacy/postgresql](https://hub.docker.com/r/bitnamilegacy/postgresql)
+- [camunda/keycloak](https://hub.docker.com/r/camunda/keycloak) (tag: `bitnami-*`)
+- [bitnamilegacy/os-shell](https://hub.docker.com/r/bitnamilegacy/os-shell/)
+- [bitnamilegacy/elasticsearch](https://hub.docker.com/r/bitnamilegacy/elasticsearch/)
 
 :::warning Not recommended for production
 These open-source images are the community default but are not recommended for production environments due to security and support limitations. Customers should transition to Option B or use managed infrastructure services.
@@ -71,7 +71,7 @@ These open-source images are the community default but are not recommended for p
 #### Option B: Enterprise Bitnami Premium images (recommended)
 
 - `registry.camunda.cloud/vendor-ee/postgresql` (requires enterprise credentials)
-- `registry.camunda.cloud/vendor-ee/keycloak` (requires enterprise credentials)
+- `registry.camunda.cloud/keycloak-ee/keycloak` (tag: `bitnami-ee-*`, requires enterprise credentials)
 - `registry.camunda.cloud/vendor-ee/os-shell` (requires enterprise credentials)
 - `registry.camunda.cloud/vendor-ee/elasticsearch` (requires enterprise credentials)
 
@@ -83,6 +83,25 @@ For detailed configuration and installation instructions, see [Install Bitnami e
 
 A helper script is available in the [camunda-helm-respository](https://github.com/camunda/camunda-platform-helm/blob/c6a6e0c327f2acb8746802fbe03b3774b8284de3/scripts/download-chart-docker-images.sh) to pull and save Docker images.
 
+#### Camunda Keycloak images
+
+Camunda provides custom [Keycloak images](https://github.com/camunda/keycloak) that include the AWS JDBC wrapper and Camunda Identity theme. These images follow Bitnami's environment variable conventions.
+
+| Variant     | Registry                                                                | Tag prefix     | Availability        |
+| ----------- | ----------------------------------------------------------------------- | -------------- | ------------------- |
+| Open-source | [docker.io/camunda/keycloak](https://hub.docker.com/r/camunda/keycloak) | `bitnami-*`    | Public (Docker Hub) |
+| Enterprise  | `registry.camunda.cloud/keycloak-ee/keycloak`                           | `bitnami-ee-*` | Licensed customers  |
+
+For backward compatibility, both variants are also available without the prefix in their respective registries.
+
+:::note
+The open-source variant is based on the `bitnamilegacy` repository and receives no further updates from Bitnami. For production environments, use the enterprise variant or a managed Keycloak service.
+:::
+
+:::tip About the original Bitnami Keycloak images
+If you prefer to use the original Bitnami Keycloak images directly (`bitnamilegacy/keycloak` or `registry.camunda.cloud/vendor-ee/keycloak`), you can override the image in your Helm values. This is not required, as Camunda Keycloak images are fully compatible and recommended.
+:::
+
 ### Access Camunda images from the Camunda registry
 
 All required images published on Docker Hub (Camunda and Bitnami organizations) are also available in the Camunda registry: