diff --git a/task/oci-copy-oci-ta/0.1/README.md b/task/oci-copy-oci-ta/0.1/README.md
index 6c7e32c6bd..c8165982bd 100644
--- a/task/oci-copy-oci-ta/0.1/README.md
+++ b/task/oci-copy-oci-ta/0.1/README.md
@@ -15,4 +15,5 @@ Given a file in the user's source directory, copy content from arbitrary urls in
 |---|---|
 |IMAGE_DIGEST|Digest of the artifact just pushed|
 |IMAGE_URL|Repository where the artifact was pushed|
+|SBOM_BLOB_URL|Link to the SBOM blob pushed to the registry.|
diff --git a/task/oci-copy-oci-ta/0.1/oci-copy-oci-ta.yaml b/task/oci-copy-oci-ta/0.1/oci-copy-oci-ta.yaml
index f6b97faf03..ffe7e4f409 100644
--- a/task/oci-copy-oci-ta/0.1/oci-copy-oci-ta.yaml
+++ b/task/oci-copy-oci-ta/0.1/oci-copy-oci-ta.yaml
@@ -37,6 +37,8 @@ spec:
 description: Digest of the artifact just pushed
 - name: IMAGE_URL
 description: Repository where the artifact was pushed
+ - name: SBOM_BLOB_URL
+ description: Link to the SBOM blob pushed to the registry.
 volumes:
 - name: varlibcontainers
 emptyDir: {}
@@ -191,3 +193,12 @@ spec:
 - cyclonedx
 - $(params.IMAGE)
 workingDir: /var/workdir
+ - name: report-sbom-url
+ image: quay.io/konflux-ci/yq:latest@sha256:974dea6375ee9df561ffd3baf994db2b61777a71f3bcf0050c5dca91ac9b3430
+ workingDir: /var/workdir
+ script: |
+ REPO=${IMAGE%:*}
+ echo "Found that ${REPO} is the repository for ${IMAGE}"
+ SBOM_DIGEST=$(sha256sum sbom-cyclonedx.json | awk '{ print $1 }')
+ echo "Found that ${SBOM_DIGEST} is the SBOM digest"
+ echo -n "${REPO}@sha256:${SBOM_DIGEST}" | tee $(results.SBOM_BLOB_URL.path)
diff --git a/task/oci-copy/0.1/README.md b/task/oci-copy/0.1/README.md
index 704e0a6e5f..2b09c8a67f 100644
--- a/task/oci-copy/0.1/README.md
+++ b/task/oci-copy/0.1/README.md
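Review bot: In the `report-sbom-url` step added to `task/oci-copy-oci-ta/0.1/oci-copy-oci-ta.yaml`, a failed `sha256sum` goes unnoticed because the pipeline's exit status is that of `awk`, so a missing or unreadable `sbom-cyclonedx.json` leaves `SBOM_DIGEST` empty and the step still publishes `${REPO}@sha256:` as `SBOM_BLOB_URL`. Anything that later resolves that result to locate the SBOM would receive a reference that points at nothing, without the task having failed. A guard right after the assignment closes this: `[ -n "${SBOM_DIGEST}" ] || { echo "sbom-cyclonedx.json could not be hashed" >&2; exit 1; }`. The identical step added to `task/oci-copy/0.1/oci-copy.yaml` needs the same guard. The value also presumes the earlier upload step pushed this file byte for byte; that step lies outside the hunk, so it is worth confirming.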
@@ -21,6 +21,7 @@ Note: the bearer token secret, if specified, will be sent to **all servers liste
 |---|---|
 |IMAGE_DIGEST|Digest of the image just built|
 |IMAGE_URL|Image repository where the built image was pushed|
+|SBOM_BLOB_URL|Link to the SBOM blob pushed to the registry.|
 ## Workspaces
 |name|description|optional|
diff --git a/task/oci-copy/0.1/oci-copy.yaml b/task/oci-copy/0.1/oci-copy.yaml
index ab21991de3..0511ba4702 100644
--- a/task/oci-copy/0.1/oci-copy.yaml
+++ b/task/oci-copy/0.1/oci-copy.yaml
@@ -30,6 +30,8 @@ spec:
 name: IMAGE_DIGEST
 - description: Repository where the artifact was pushed
 name: IMAGE_URL
+ - description: Link to the SBOM blob pushed to the registry.
+ name: SBOM_BLOB_URL
 stepTemplate:
 env:
 - name: OCI_COPY_FILE
@@ -170,7 +172,15 @@ spec:
 - cyclonedx
 - $(params.IMAGE)
 workingDir: $(workspaces.source.path)
-
+ - name: report-sbom-url
+ image: quay.io/konflux-ci/yq:latest@sha256:974dea6375ee9df561ffd3baf994db2b61777a71f3bcf0050c5dca91ac9b3430
+ script: |
+ REPO=${IMAGE%:*}
+ echo "Found that ${REPO} is the repository for ${IMAGE}"
+ SBOM_DIGEST=$(sha256sum sbom-cyclonedx.json | awk '{ print $1 }')
+ echo "Found that ${SBOM_DIGEST} is the SBOM digest"
+ echo -n "${REPO}@sha256:${SBOM_DIGEST}" | tee $(results.SBOM_BLOB_URL.path)
+ workingDir: $(workspaces.source.path)
 volumes:
 - emptyDir: {}
 name: varlibcontainers
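Review bot: `REPO=${IMAGE%:*}` in the `report-sbom-url` step added to `task/oci-copy/0.1/oci-copy.yaml` cuts at the last colon whether or not that colon introduces a tag. For an untagged reference on a registry with a port (constructed example: `registry.example:5000/org/repo`) it yields only the host, and for a digest reference it leaves a trailing `@sha256`, so `SBOM_BLOB_URL` would name the wrong repository. Stripping the digest first, and the tag only when the last path component has one, avoids both: `REPO=${IMAGE%@*}` followed by `case "${REPO##*/}" in *:*) REPO=${REPO%:*} ;; esac`. `IMAGE` is set outside the hunk (presumably in the stepTemplate env), so the forms it can take should be confirmed there; the same line appears in the step added to `task/oci-copy-oci-ta/0.1/oci-copy-oci-ta.yaml`.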