diff --git a/src/keycloak/chart/templates/statefulset.yaml b/src/keycloak/chart/templates/statefulset.yaml
index 733d4d7dd6..2269e87f92 100644
--- a/src/keycloak/chart/templates/statefulset.yaml
+++ b/src/keycloak/chart/templates/statefulset.yaml
@@ -53,6 +53,10 @@ spec:
               mountPath: /opt/keycloak/themes
             - name: conf
               mountPath: /opt/keycloak/conf
+            {{- if and .Values.themeCustomizations .Values.themeCustomizations.resources .Values.themeCustomizations.resources.images }}
+            - name: theme-overrides
+              mountPath: /opt/keycloak/theme-overrides
+            {{- end }}
           envFrom:
             - secretRef:
                 name: {{ include "keycloak.fullname" . }}-realm-env
@@ -289,3 +293,17 @@ spec:
           {{- else }}
           emptyDir: {}
           {{- end }}
+        {{- if and .Values.themeCustomizations .Values.themeCustomizations.resources .Values.themeCustomizations.resources.images }}
+        - name: theme-overrides
+          projected:
+            sources:
+              {{- range $image := .Values.themeCustomizations.resources.images }}
+              {{- if $image.configmap.name }}
+              - configMap:
+                  name: {{ $image.configmap.name }}
+                  items:
+                    - key: {{ $image.name }}
+                      path: {{ $image.name }}
+              {{- end }}
+              {{- end }}
+        {{- end }}
diff --git a/src/keycloak/chart/values.schema.json b/src/keycloak/chart/values.schema.json
index 80038d2d56..a08a453fe6 100644
--- a/src/keycloak/chart/values.schema.json
+++ b/src/keycloak/chart/values.schema.json
@@ -453,8 +453,37 @@
             "type": "string"
           }
         },
-        "required": [ "name", "value" ]
+        "required": ["name", "value"]
+      }
+    },
+    "themeCustomizations": {
+      "type": "object",
+      "properties": {
+        "resources": {
+          "type": "object",
+          "properties": {
+            "images": {
+              "type": "array",
+              "items": {
+                "type": "object",
+                "properties": {
+                  "name": {
+                    "enum": ["background.jpg", "footer.png", "logo.svg", "favicon.svg"]
+                  },
+                  "configmap": {
+                    "type": "object",
+                    "properties": {
+                      "name": {
+                        "type": "string"
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          }
+        }
       }
     }
   }
-}
+}
\ No newline at end of file
diff --git a/src/keycloak/chart/values.yaml b/src/keycloak/chart/values.yaml
index 7a8927a8c0..305f4f700a 100644
--- a/src/keycloak/chart/values.yaml
+++ b/src/keycloak/chart/values.yaml
@@ -54,6 +54,23 @@ realmAuthFlows:
   WEBAUTHN_ENABLED: false
   X509_MFA_ENABLED: false
 
+# Theme customizations with allowed types. More info here: https://github.com/defenseunicorns/uds-identity-config/blob/main/docs/reference/UDS%20Core/IdAM/customization.md#branding-customizations
+#themeCustomizations:
+#  resources:
+#    images:
+#      - name: background.jpg
+#        configmap:
+#          name: keycloak-theme-overrides
+#      - name: footer.png
+#        configmap:
+#          name: keycloak-theme-overrides
+#      - name: logo.svg
+#        configmap:
+#          name: keycloak-theme-overrides
+#      - name: favicon.svg
+#        configmap:
+#          name: keycloak-theme-overrides
+
 # Generates an initial password for first admin user - only use if install is headless
 # (i.e. cannot hit keycloak UI with `zarf connect keycloak`), password should be changed after initial login
 insecureAdminPasswordGeneration: