diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/css/login.css b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/css/login.css
deleted file mode 100644
index 3bf3c1b5..00000000
--- a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/css/login.css
+++ /dev/null
@@ -1,59 +0,0 @@
-:root {
-    --keycloak-logo-url: url('../img/keycloak-logo-text.png');
-    --keycloak-logo-height: 63px;
-    --keycloak-logo-width: 300px;
-}
-
-.pf-v5-c-login__container {
-    grid-template-columns: 34rem;
-    grid-template-areas: "header"
-                         "main"
-}
-
-.login-pf body {
-    background: url("../img/oceanbox-bg.png") no-repeat center center fixed;
-    background-size: cover;
-    height: 100%;
-}
-
-div.kc-logo-text {
-    background-image: var(--keycloak-logo-url);
-    height: var(--keycloak-logo-height);
-    width: var(--keycloak-logo-width);
-    background-repeat: no-repeat;
-    background-size: contain;
-    margin: 0 auto;
-}
-
-div.kc-logo-text span {
-    display: none;
-}
-
-#kc-recovery-codes-list {
-    columns: 2;
-}
-
-#certificate_subjectDN {
-    overflow-wrap: break-word
-}
-
-#kc-header-wrapper {
-    font-size: 29px;
-    text-transform: uppercase;
-    letter-spacing: 3px;
-    line-height: 1.2em;
-    white-space: normal;
-    color: var(--pf-v5-global--Color--light-100) !important;
-    text-align: center;
-}
-
-hr {
-    margin-top: var(--pf-v5-global--spacer--sm);
-    margin-bottom: var(--pf-v5-global--spacer--md);
-}
-
-@media (min-width: 768px) {
-    div.pf-v5-c-login__main-header {
-        grid-template-columns: 70% 30%;
-    }
-}
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/css/oceanbox.css b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/css/oceanbox.css
new file mode 100644
index 00000000..9140a73f
--- /dev/null
+++ b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/css/oceanbox.css
@@ -0,0 +1,109 @@
+/* Oceanbox Keycloak Login Theme
+ *
+ * Branding aligned with oceanbox.io:
+ *   Primary teal:    #0bb4aa
+ *   Dark teal:       #37746F
+ *   Deep blue:       #031275
+ *   Background:      #f9fafd
+ *   Text:            #101010
+ */
+
+:root {
+    --pf-v5-global--primary-color--100: #0bb4aa;
+    --pf-v5-global--primary-color--200: #099e95;
+    --pf-v5-global--link--Color: #0bb4aa;
+    --pf-v5-global--link--Color--hover: #031275;
+}
+
+.login-pf body {
+    background: #f9fafd url("../img/oceanbox-bg.png") no-repeat center bottom fixed;
+    background-size: cover;
+    height: 100%;
+}
+
+/* Login container layout */
+.pf-v5-c-login__container {
+    grid-template-columns: 34rem;
+    grid-template-areas: "header"
+                         "main";
+}
+
+/* Logo */
+div.kc-logo-text {
+    background-image: url('../img/oceanbox-logo-text.png');
+    height: 80px;
+    width: 360px;
+    background-repeat: no-repeat;
+    background-size: contain;
+    background-position: center;
+    margin: 0 auto;
+}
+
+div.kc-logo-text span {
+    display: none;
+}
+
+/* Header */
+#kc-header-wrapper {
+    font-size: 29px;
+    text-transform: uppercase;
+    letter-spacing: 3px;
+    line-height: 1.2em;
+    white-space: normal;
+    color: #37746F !important;
+    text-align: center;
+}
+
+/* Login card */
+.pf-v5-c-login__main {
+    border-radius: 8px;
+    box-shadow: 0 4px 24px rgba(0, 0, 0, 0.08);
+}
+
+/* Primary button */
+.pf-v5-c-button.pf-m-primary {
+    --pf-v5-c-button--m-primary--BackgroundColor: #0bb4aa;
+    --pf-v5-c-button--m-primary--hover--BackgroundColor: #099e95;
+    --pf-v5-c-button--m-primary--active--BackgroundColor: #37746F;
+    --pf-v5-c-button--m-primary--focus--BackgroundColor: #099e95;
+    border-radius: 4px;
+}
+
+/* Links */
+.pf-v5-c-button.pf-m-link {
+    --pf-v5-c-button--m-link--Color: #0bb4aa;
+    --pf-v5-c-button--m-link--hover--Color: #031275;
+}
+
+a {
+    color: #0bb4aa;
+}
+
+a:hover {
+    color: #031275;
+}
+
+/* Form inputs */
+.pf-v5-c-form-control > input,
+.pf-v5-c-form-control > textarea {
+    border-radius: 4px;
+}
+
+#kc-recovery-codes-list {
+    columns: 2;
+}
+
+#certificate_subjectDN {
+    overflow-wrap: break-word;
+}
+
+hr {
+    margin-top: var(--pf-v5-global--spacer--sm);
+    margin-bottom: var(--pf-v5-global--spacer--md);
+}
+
+@media (min-width: 768px) {
+    div.pf-v5-c-login__main-header {
+        grid-template-columns: 70% 30%;
+    }
+}
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-error-arrow-down.png b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-error-arrow-down.png
deleted file mode 100644
index 6f2d9d2a..00000000
Binary files a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-error-arrow-down.png and /dev/null differ
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-error-sign.png b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-error-sign.png
deleted file mode 100644
index 0dd50044..00000000
Binary files a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-error-sign.png and /dev/null differ
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-success-arrow-down.png b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-success-arrow-down.png
deleted file mode 100644
index 03cc0c45..00000000
Binary files a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-success-arrow-down.png and /dev/null differ
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-success-sign.png b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-success-sign.png
deleted file mode 100644
index 640bd71c..00000000
Binary files a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-success-sign.png and /dev/null differ
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-warning-arrow-down.png b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-warning-arrow-down.png
deleted file mode 100644
index 6f2d9d2a..00000000
Binary files a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-warning-arrow-down.png and /dev/null differ
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-warning-sign.png b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-warning-sign.png
deleted file mode 100644
index f9392a35..00000000
Binary files a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/feedback-warning-sign.png and /dev/null differ
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/keycloak-bg.png b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/keycloak-bg.png
deleted file mode 100644
index 4004db44..00000000
Binary files a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/keycloak-bg.png and /dev/null differ
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/keycloak-logo-text.png b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/keycloak-logo-text.png
deleted file mode 100644
index 63f3b9f8..00000000
Binary files a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/keycloak-logo-text.png and /dev/null differ
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/keycloak-logo.png b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/keycloak-logo.png
deleted file mode 100644
index ffa5b0bf..00000000
Binary files a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/resources/img/keycloak-logo.png and /dev/null differ
diff --git a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/theme.properties b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/theme.properties
index d259b597..ea5ee018 100644
--- a/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/theme.properties
+++ b/bootstrap/keycloak-theme/keycloak-themes/oceanbox/login/theme.properties
@@ -1,3 +1,5 @@
 parent=keycloak.v2
+import=common/keycloak
 
-styles=css/login.css
+stylesCommon=vendor/patternfly-v5/patternfly.min.css vendor/patternfly-v5/patternfly-addons.css
+styles=css/styles.css css/oceanbox.css
diff --git a/helmfile.d/keycloak.yaml.gotmpl b/helmfile.d/keycloak.yaml.gotmpl
index 7eefca61..c9df5421 100644
--- a/helmfile.d/keycloak.yaml.gotmpl
+++ b/helmfile.d/keycloak.yaml.gotmpl
@@ -12,7 +12,7 @@ releases:
 - name: {{ .Environment.Name }}-keycloak
   namespace: keycloak
   chart: bitnami/keycloak
-  version: 24.9.0
+  version: 25.2.0
   condition: keycloak.enabled
   values:
   - ../values/keycloak/values/values.yaml
diff --git a/values/keycloak/values/values-prod.yaml b/values/keycloak/values/values-prod.yaml
index ddef38bc..586e9be5 100644
--- a/values/keycloak/values/values-prod.yaml
+++ b/values/keycloak/values/values-prod.yaml
@@ -37,22 +37,6 @@ extraVolumes:
 ingress:
   hostname: auth.oceanbox.io
 
-adminIngress:
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-production
-    nginx.ingress.kubernetes.io/enable-cors: "true"
-    nginx.ingress.kubernetes.io/backend-protocol: HTTP
-    nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
-    nginx.ingress.kubernetes.io/ssl-redirect: "true"
-    oceanbox.io/expose: internal
-  hostname: keycloak.adm.oceanbox.io
-  ingressClassName: nginx
-  path: /
-  pathType: ImplementationSpecific
-  selfSigned: false
-  servicePort: http
-  tls: true
-
 keycloakConfigCli:
   enabled: false
   configuration:
diff --git a/values/keycloak/values/values-staging.yaml b/values/keycloak/values/values-staging.yaml
index 28955673..7eb47730 100644
--- a/values/keycloak/values/values-staging.yaml
+++ b/values/keycloak/values/values-staging.yaml
@@ -11,19 +11,3 @@ postgresql:
 
 ingress:
   hostname: auth.srv.oceanbox.io
-
-adminIngress:
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-production
-    nginx.ingress.kubernetes.io/enable-cors: "true"
-    nginx.ingress.kubernetes.io/backend-protocol: HTTP
-    nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
-    nginx.ingress.kubernetes.io/ssl-redirect: "true"
-    oceanbox.io/expose: internal
-  hostname: auth.adm.oceanbox.io
-  ingressClassName: nginx
-  path: /
-  pathType: ImplementationSpecific
-  selfSigned: false
-  servicePort: http
-  tls: true
diff --git a/values/keycloak/values/values.yaml b/values/keycloak/values/values.yaml
index 37645dce..d6377bd5 100644
--- a/values/keycloak/values/values.yaml
+++ b/values/keycloak/values/values.yaml
@@ -6,7 +6,11 @@ image:
     repository: bitnamilegacy/keycloak
 
 production: true
-proxy: edge
+
+# Replaces removed `proxy: edge` in chart 25.x
+extraEnvVars:
+- name: KC_PROXY_HEADERS
+  value: xforwarded
 
 auth:
   adminUser: admin
@@ -26,6 +30,3 @@ ingress:
   selfSigned: false
   servicePort: http
   tls: true
-
-adminIngress:
-  enabled: false