diff --git a/config/base/kustomization.yaml b/config/base/kustomization.yaml
index f9ffc623..a2de720b 100644
--- a/config/base/kustomization.yaml
+++ b/config/base/kustomization.yaml
@@ -29,6 +29,13 @@ vars:
       apiVersion: v1
     fieldref:
       fieldpath: data.IMAGES_ARTIFACT
+  - name: IMAGES_OAUTHPROXY
+    objref:
+      kind: ConfigMap
+      name: dspo-parameters
+      apiVersion: v1
+    fieldref:
+      fieldpath: data.IMAGES_OAUTHPROXY
   - name: IMAGES_PERSISTENTAGENT
     objref:
       kind: ConfigMap
diff --git a/config/base/params.env b/config/base/params.env
index 926ed4f6..8a51d532 100644
--- a/config/base/params.env
+++ b/config/base/params.env
@@ -6,3 +6,4 @@ IMAGES_CACHE=registry.access.redhat.com/ubi8/ubi-minimal
 IMAGES_MOVERESULTSIMAGE=registry.access.redhat.com/ubi8/ubi-micro
 IMAGES_MARIADB=registry.redhat.io/rhel8/mariadb-103:1-188
 IMAGES_DSPO=quay.io/opendatahub/data-science-pipelines-operator:main-d9ee12b
+IMAGES_OAUTHPROXY=registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0
diff --git a/config/configmaps/files/config.yaml b/config/configmaps/files/config.yaml
index bbb18309..104a1fab 100644
--- a/config/configmaps/files/config.yaml
+++ b/config/configmaps/files/config.yaml
@@ -1,6 +1,7 @@
 Images:
   ApiServer: $(IMAGES_APISERVER)
   Artifact: $(IMAGES_ARTIFACT)
+  OAuthProxy: $(IMAGES_OAUTHPROXY)
   PersistentAgent: $(IMAGES_PERSISTENTAGENT)
   ScheduledWorkflow: $(IMAGES_SCHEDULEDWORKFLOW)
   Cache: $(IMAGES_CACHE)
diff --git a/config/internal/apiserver/deployment.yaml.tmpl b/config/internal/apiserver/deployment.yaml.tmpl
index 767fa913..fb667ace 100644
--- a/config/internal/apiserver/deployment.yaml.tmpl
+++ b/config/internal/apiserver/deployment.yaml.tmpl
@@ -31,7 +31,7 @@ spec:
             - '--openshift-delegate-urls={"/": {"group":"route.openshift.io","resource":"routes","verb":"get","name":"ds-pipeline-{{.Name}}","namespace":"{{.Namespace}}"}}'
             - '--openshift-sar={"namespace":"{{.Namespace}}","resource":"routes","resourceName":"ds-pipeline-{{.Name}}","verb":"get","resourceAPIGroup":"route.openshift.io"}'
             - --skip-auth-regex='(^/metrics|^/apis/v1beta1/healthz)'
-          image: registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0
+          image: {{.OAuthProxy}}
           ports:
             - containerPort: 8443
               name: oauth
diff --git a/config/internal/mlpipelines-ui/deployment.yaml.tmpl b/config/internal/mlpipelines-ui/deployment.yaml.tmpl
index be9d43e8..25a48e43 100644
--- a/config/internal/mlpipelines-ui/deployment.yaml.tmpl
+++ b/config/internal/mlpipelines-ui/deployment.yaml.tmpl
@@ -32,7 +32,7 @@ spec:
             - '--openshift-delegate-urls={"/": {"group":"route.openshift.io","resource":"routes","verb":"get","name":"ds-pipeline-ui-{{.Name}}","namespace":"{{.Namespace}}"}}'
             - '--openshift-sar={"namespace":"{{.Namespace}}","resource":"routes","resourceName":"ds-pipeline-ui-{{.Name}}","verb":"get","resourceAPIGroup":"route.openshift.io"}'
             - --skip-auth-regex='(^/metrics|^/apis/v1beta1/healthz)'
-          image: registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0
+          image: {{.OAuthProxy}}
           ports:
             - containerPort: 8443
               name: https
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
index 0fa9b5ab..9f7845e4 100644
--- a/config/manager/manager.yaml
+++ b/config/manager/manager.yaml
@@ -38,6 +38,8 @@ spec:
             value: $(IMAGES_APISERVER)
           - name: IMAGES_ARTIFACT
             value: $(IMAGES_ARTIFACT)
+          - name: IMAGES_OAUTHPROXY
+            value: $(IMAGES_OAUTHPROXY)
           - name: IMAGES_PERSISTENTAGENT
             value: $(IMAGES_PERSISTENTAGENT)
           - name: IMAGES_SCHEDULEDWORKFLOW
diff --git a/controllers/config/defaults.go b/controllers/config/defaults.go
index bdbe9de0..964e84ea 100644
--- a/controllers/config/defaults.go
+++ b/controllers/config/defaults.go
@@ -59,6 +59,7 @@ const (
 	APIServerCacheImagePath       = "Images.Cache"
 	APIServerMoveResultsImagePath = "Images.MoveResultsImage"
 	MariaDBImagePath              = "Images.MariaDB"
+	OAuthProxyImagePath           = "Images.OAuthProxy"
 )
 
 const (
@@ -80,6 +81,7 @@ var requiredFields = []string{
 	APIServerCacheImagePath,
 	APIServerMoveResultsImagePath,
 	MariaDBImagePath,
+	OAuthProxyImagePath,
 }
 
 func GetConfigRequiredFields() []string {
diff --git a/controllers/dspipeline_params.go b/controllers/dspipeline_params.go
index 04a2bf6b..09dbf61a 100644
--- a/controllers/dspipeline_params.go
+++ b/controllers/dspipeline_params.go
@@ -40,6 +40,7 @@ type DSPAParams struct {
 	Owner                mf.Owner
 	APIServer            *dspa.APIServer
 	APIServerServiceName string
+	OAuthProxy           string
 	ScheduledWorkflow    *dspa.ScheduledWorkflow
 	PersistenceAgent     *dspa.PersistenceAgent
 	MlPipelineUI         *dspa.MlPipelineUI
@@ -359,6 +360,7 @@ func (p *DSPAParams) ExtractParams(ctx context.Context, dsp *dspa.DataSciencePip
 	p.MlPipelineUI = dsp.Spec.MlPipelineUI.DeepCopy()
 	p.MariaDB = dsp.Spec.MariaDB.DeepCopy()
 	p.Minio = dsp.Spec.Minio.DeepCopy()
+	p.OAuthProxy = config.GetStringConfigWithDefault(config.OAuthProxyImagePath, config.DefaultImageValue)
 
 	// TODO: If p.<component> is nil we should create defaults
 
diff --git a/controllers/testdata/declarative/case_0/config.yaml b/controllers/testdata/declarative/case_0/config.yaml
index 6694c1cd..0a25647e 100644
--- a/controllers/testdata/declarative/case_0/config.yaml
+++ b/controllers/testdata/declarative/case_0/config.yaml
@@ -9,3 +9,4 @@ Images:
   MlPipelineUI: frontend:test0
   MariaDB: mariadb:test0
   Minio: minio:test0
+  OAuthProxy: oauth-proxy:test0
diff --git a/controllers/testdata/declarative/case_0/expected/created/apiserver_deployment.yaml b/controllers/testdata/declarative/case_0/expected/created/apiserver_deployment.yaml
index b2dfe16e..9b5d040f 100644
--- a/controllers/testdata/declarative/case_0/expected/created/apiserver_deployment.yaml
+++ b/controllers/testdata/declarative/case_0/expected/created/apiserver_deployment.yaml
@@ -30,7 +30,7 @@ spec:
             - '--openshift-delegate-urls={"/": {"group":"route.openshift.io","resource":"routes","verb":"get","name":"ds-pipeline-testdsp0","namespace":"default"}}'
             - '--openshift-sar={"namespace":"default","resource":"routes","resourceName":"ds-pipeline-testdsp0","verb":"get","resourceAPIGroup":"route.openshift.io"}'
             - --skip-auth-regex='(^/metrics|^/apis/v1beta1/healthz)'
-          image: registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0
+          image: oauth-proxy:test0
           ports:
             - containerPort: 8443
               name: oauth
diff --git a/controllers/testdata/declarative/case_1/config.yaml b/controllers/testdata/declarative/case_1/config.yaml
index 472ab76c..16d0e588 100644
--- a/controllers/testdata/declarative/case_1/config.yaml
+++ b/controllers/testdata/declarative/case_1/config.yaml
@@ -7,3 +7,4 @@ Images:
   Cache: ubi-minimal:test1
   MoveResultsImage: busybox:test1
   MariaDB: mariadb:test1
+  OAuthProxy: oauth-proxy:test1
diff --git a/controllers/testdata/declarative/case_2/config.yaml b/controllers/testdata/declarative/case_2/config.yaml
index 5c05be39..6b4f5a66 100644
--- a/controllers/testdata/declarative/case_2/config.yaml
+++ b/controllers/testdata/declarative/case_2/config.yaml
@@ -7,3 +7,4 @@ Images:
   Cache: ubi-minimal:test2
   MoveResultsImage: busybox:test2
   MariaDB: mariadb:test2
+  OAuthProxy: oauth-proxy:test2
diff --git a/controllers/testdata/declarative/case_2/expected/created/apiserver_deployment.yaml b/controllers/testdata/declarative/case_2/expected/created/apiserver_deployment.yaml
index 0c968d3a..a41a8fd9 100644
--- a/controllers/testdata/declarative/case_2/expected/created/apiserver_deployment.yaml
+++ b/controllers/testdata/declarative/case_2/expected/created/apiserver_deployment.yaml
@@ -30,7 +30,7 @@ spec:
             - '--openshift-delegate-urls={"/": {"group":"route.openshift.io","resource":"routes","verb":"get","name":"ds-pipeline-testdsp2","namespace":"default"}}'
             - '--openshift-sar={"namespace":"default","resource":"routes","resourceName":"ds-pipeline-testdsp2","verb":"get","resourceAPIGroup":"route.openshift.io"}'
             - --skip-auth-regex='(^/metrics|^/apis/v1beta1/healthz)'
-          image: registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0
+          image: oauth-proxy:test2
           ports:
             - containerPort: 8443
               name: oauth
diff --git a/controllers/testdata/declarative/case_2/expected/created/mlpipelines-ui_deployment.yaml b/controllers/testdata/declarative/case_2/expected/created/mlpipelines-ui_deployment.yaml
index 02bdd23b..931b9ae5 100644
--- a/controllers/testdata/declarative/case_2/expected/created/mlpipelines-ui_deployment.yaml
+++ b/controllers/testdata/declarative/case_2/expected/created/mlpipelines-ui_deployment.yaml
@@ -32,7 +32,7 @@ spec:
             - '--openshift-delegate-urls={"/": {"group":"route.openshift.io","resource":"routes","verb":"get","name":"ds-pipeline-ui-testdsp2","namespace":"default"}}'
             - '--openshift-sar={"namespace":"default","resource":"routes","resourceName":"ds-pipeline-ui-testdsp2","verb":"get","resourceAPIGroup":"route.openshift.io"}'
             - --skip-auth-regex='(^/metrics|^/apis/v1beta1/healthz)'
-          image: registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0
+          image: oauth-proxy:test2
           ports:
             - containerPort: 8443
               name: https
diff --git a/controllers/testdata/declarative/case_3/config.yaml b/controllers/testdata/declarative/case_3/config.yaml
index 6cafbbfc..23338bf5 100644
--- a/controllers/testdata/declarative/case_3/config.yaml
+++ b/controllers/testdata/declarative/case_3/config.yaml
@@ -7,3 +7,4 @@ Images:
   Cache: ubi-minimal:test3
   MoveResultsImage: busybox:test3
   MariaDB: mariadb:test3
+  OAuthProxy: oauth-proxy:test3
diff --git a/controllers/testdata/declarative/case_3/expected/created/apiserver_deployment.yaml b/controllers/testdata/declarative/case_3/expected/created/apiserver_deployment.yaml
index 9c2ec1ba..e6c1cac4 100644
--- a/controllers/testdata/declarative/case_3/expected/created/apiserver_deployment.yaml
+++ b/controllers/testdata/declarative/case_3/expected/created/apiserver_deployment.yaml
@@ -30,7 +30,7 @@ spec:
             - '--openshift-delegate-urls={"/": {"group":"route.openshift.io","resource":"routes","verb":"get","name":"ds-pipeline-testdsp3","namespace":"default"}}'
             - '--openshift-sar={"namespace":"default","resource":"routes","resourceName":"ds-pipeline-testdsp3","verb":"get","resourceAPIGroup":"route.openshift.io"}'
             - --skip-auth-regex='(^/metrics|^/apis/v1beta1/healthz)'
-          image: registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0
+          image: oauth-proxy:test3
           ports:
             - containerPort: 8443
               name: oauth
diff --git a/kfdef/kfdef.yaml b/kfdef/kfdef.yaml
index 7068f636..1f2a1068 100644
--- a/kfdef/kfdef.yaml
+++ b/kfdef/kfdef.yaml
@@ -22,6 +22,8 @@ spec:
             value: registry.access.redhat.com/ubi8/ubi-micro:8.7
           - name: IMAGES_MARIADB
             value: registry.redhat.io/rhel8/mariadb-103:1-188
+          - name: IMAGES_OAUTHPROXY
+            value: registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0
         repoRef:
           name: manifests
           path: config