diff --git a/antora.yml b/antora.yml
index fa9fb82423..0092837d68 100644
--- a/antora.yml
+++ b/antora.yml
@@ -17,8 +17,8 @@ asciidoc:
     # Fallback versions
     # We try to fetch the latest versions from GitHub at build time
     # --
-    full-version: 26.1.6
-    latest-redpanda-tag: 'v26.1.6'
+    full-version: 26.1.7
+    latest-redpanda-tag: 'v26.1.7'
     latest-console-tag: 'v3.3.1'
     latest-release-commit: '35a825c9c1880ebeedf4c18bb8c6cceaa63566c1'
     latest-operator-version: 'v2.3.8-24.3.6'
diff --git a/docs-data/property-overrides.json b/docs-data/property-overrides.json
index 4283174d17..f1de2cedf9 100644
--- a/docs-data/property-overrides.json
+++ b/docs-data/property-overrides.json
@@ -1300,7 +1300,10 @@
     "leader_balancer_mode": {
       "_comment": "greedy mode excluded from docs - internal use only (added in v26.1.2)",
       "description": "Mode of the leader balancer optimization strategy.\n\nAccepted values:\n\n* `calibrated` (default): An adaptive strategy that samples potential moves and prioritizes high-impact transfers. Minimizes unnecessary leader movement while achieving balance over time. Best for most production workloads.\n* `random`: Accepts the first random move that improves balance. Less efficient than `calibrated` because it doesn't prioritize high-impact moves. Available as a fallback if `calibrated` causes unexpected behavior.\n\nLegacy values `greedy_balanced_shards` and `random_hill_climbing` are treated as `calibrated`.",
-      "accepted_values": ["calibrated", "random"],
+      "accepted_values": [
+        "calibrated",
+        "random"
+      ],
       "config_scope": "cluster"
     },
     "leader_balancer_mute_timeout": {
@@ -1540,6 +1543,9 @@
     "oidc_group_claim_path": {
       "version": "v26.1.1"
     },
+    "oidc_http_proxy_url": {
+      "version": "v26.1.7"
+    },
     "oidc_principal_mapping": {
       "description": "Rule for mapping JWT payload claim to a Redpanda user principal.",
       "related_topics": [
@@ -2269,4 +2275,4 @@
       "description": "The default write caching mode to apply to user topics. Write caching acknowledges a message as soon as it is received and acknowledged on a majority of brokers, without waiting for it to be written to disk. With `acks=all`, this provides lower latency while still ensuring that a majority of brokers acknowledge the write. \n\nFsyncs follow <<raft_replica_max_pending_flush_bytes,`raft_replica_max_pending_flush_bytes`>> and <<raft_replica_max_flush_delay_ms,`raft_replica_max_flush_delay_ms`>>, whichever is reached first.\n\nThe `write_caching_default` cluster property can be overridden with the xref:reference:properties/topic-properties.adoc#writecaching[`write.caching`] topic property."
     }
   }
-}
\ No newline at end of file
+}
diff --git a/docs-data/redpanda-property-changes-v26.1.5-to-v26.1.6.json b/docs-data/redpanda-property-changes-v26.1.6-to-v26.1.7.json
similarity index 55%
rename from docs-data/redpanda-property-changes-v26.1.5-to-v26.1.6.json
rename to docs-data/redpanda-property-changes-v26.1.6-to-v26.1.7.json
index 20eb364dce..0890e09ac1 100644
--- a/docs-data/redpanda-property-changes-v26.1.5-to-v26.1.6.json
+++ b/docs-data/redpanda-property-changes-v26.1.6-to-v26.1.7.json
@@ -1,11 +1,11 @@
 {
   "comparison": {
-    "oldVersion": "v26.1.5",
-    "newVersion": "v26.1.6",
-    "timestamp": "2026-04-22T01:41:17.013Z"
+    "oldVersion": "v26.1.6",
+    "newVersion": "v26.1.7",
+    "timestamp": "2026-05-08T12:54:30.491Z"
   },
   "summary": {
-    "newProperties": 0,
+    "newProperties": 1,
     "changedDefaults": 0,
     "changedDescriptions": 0,
     "changedTypes": 0,
@@ -15,7 +15,14 @@
     "emptyDescriptions": 2
   },
   "details": {
-    "newProperties": [],
+    "newProperties": [
+      {
+        "name": "oidc_http_proxy_url",
+        "type": "string",
+        "default": null,
+        "description": "URL of the HTTP forward proxy used for OIDC discovery and JWKS fetches. Accepts http://host:port or https://host:port. When set, oidc_discovery_url must use https:// — plaintext OIDC origins cannot be routed through a forward proxy."
+      }
+    ],
     "changedDefaults": [],
     "changedDescriptions": [],
     "changedTypes": [],
diff --git a/modules/reference/attachments/redpanda-properties-v26.1.6.json b/modules/reference/attachments/redpanda-properties-v26.1.7.json
similarity index 99%
rename from modules/reference/attachments/redpanda-properties-v26.1.6.json
rename to modules/reference/attachments/redpanda-properties-v26.1.7.json
index 0e6fdb8d64..09a6100063 100644
--- a/modules/reference/attachments/redpanda-properties-v26.1.6.json
+++ b/modules/reference/attachments/redpanda-properties-v26.1.7.json
@@ -10103,6 +10103,24 @@
             "version": "v26.1.1",
             "visibility": "user"
         },
+        "oidc_http_proxy_url": {
+            "c_type": "ss::sstring",
+            "cloud_byoc_only": false,
+            "cloud_editable": false,
+            "cloud_readonly": false,
+            "cloud_supported": false,
+            "config_scope": "cluster",
+            "default": null,
+            "defined_in": "src/v/config/configuration.cc",
+            "description": "URL of the HTTP forward proxy used for OIDC discovery and JWKS fetches. Accepts http://host:port or https://host:port. When set, oidc_discovery_url must use https:// \u2014 plaintext OIDC origins cannot be routed through a forward proxy.",
+            "is_deprecated": false,
+            "is_enterprise": false,
+            "name": "oidc_http_proxy_url",
+            "needs_restart": false,
+            "nullable": true,
+            "type": "string",
+            "visibility": "user"
+        },
         "oidc_keys_refresh_interval": {
             "c_type": "std::chrono::seconds",
             "cloud_byoc_only": false,
diff --git a/modules/reference/partials/properties/cluster-properties.adoc b/modules/reference/partials/properties/cluster-properties.adoc
index 411f007ef9..acd8f09cf5 100644
--- a/modules/reference/partials/properties/cluster-properties.adoc
+++ b/modules/reference/partials/properties/cluster-properties.adoc
@@ -14083,6 +14083,47 @@ endif::[]
 |===
 
 
+=== oidc_http_proxy_url
+
+URL of the HTTP forward proxy used for OIDC discovery and JWKS fetches. Accepts http://host:port or https://host:port. When set, oidc_discovery_url must use https:// — plaintext OIDC origins cannot be routed through a forward proxy.
+
+[cols="1s,2a"]
+|===
+| Property | Value
+
+| Type
+| `string`
+
+
+
+| Default
+|
+ifdef::env-cloud[]
+Available in the Redpanda Cloud Console
+endif::[]
+ifndef::env-cloud[]
+`null`
+endif::[]
+
+| Nullable
+| Yes
+
+| Requires restart
+| No
+
+ifndef::env-cloud[]
+| Restored on xref:manage:whole-cluster-restore.adoc[Whole Cluster Restore]
+| Yes
+endif::[]
+
+ifndef::env-cloud[]
+| Visibility
+| User
+endif::[]
+
+|===
+
+
 === oidc_keys_refresh_interval
 
 The frequency of refreshing the JSON Web Keys (JWKS) used to validate access tokens.